|
[ sascha2012 @ 13.10.2005. 08:43 ] @
[ sascha2012 @ 13.10.2005. 08:46 ] @
Zaboravio sam skriptu da napisem
Code: <?php $sname=" - Login"; if($_REQUEST['send']==1) { $user_passwort = md5($_REQUEST['user_passwort']); $user_passwort = mysql_escape_string($user_passwort); $sql1 = "SELECT * FROM " . $sql_prefix . "_benutzer WHERE user_name='".mysql_escape_string($_REQUEST['user_name']) ."' AND user_passwort='$user_passwort' AND user_activated='1' AND user_gesperrt='0'"; $result1 = mysql_query($sql1); if(!$row1 = mysql_fetch_object($result1)) { header("location:index.php?templateid=error&code=16"); exit(); } else { if($_REQUEST['savecookie']==1){ setcookie ("c_user_name", $row1->user_name,time()+(3600*24*31*12)); setcookie("c_user_passwort",$row1->user_passwort,time()+(3600*24*31*12)); setcookie("lastloggin",time(),time()+(3600*24*31*12)); } else { setcookie ("c_user_name", $row1->user_name,0); setcookie("c_user_passwort",$row1->user_passwort,0); setcookie("lastloggin",time(),time()+(3600*24*31*12)); } $HTTP_SESSION_VARS['user_name']=$row1->user_name; $HTTP_SESSION_VARS['user_passwort']=$row1->user_passwort; $url = $_REQUEST['url']; //header("location:$url"); echo "<script>document.location='$url';</script><a href=\"$url\">Weiter...</a>"; } } else { header("location:index.php?templateid=error&code=16"); exit(); } ?> // edit (nK) - molim te koristi bb code tag za listing koda. [Ovu poruku je menjao noviKorisnik dana 13.10.2005. u 09:53 GMT+1] [ noviKorisnik @ 13.10.2005. 09:03 ] @
Citat: Code: $url = $_REQUEST['url']; echo "<script>document.location='$url';</script>... Proveri koju vrednost ima $_REQUEST ['url'] jer se ovde baš ne vidi, a javascript radi redirekciju na tu stranicu. Recimo... za proveru ubaci između ove dve linije Code: die ($url); Copyright (C) 2001-2026 by www.elitesecurity.org. All rights reserved.
|