| System: Linux in-mum-web1642.main-hosting.eu 5.14.0-611.42.1.el9_7.x86_64 #1 SMP PREEMPT_DYNAMIC Tue Mar 24 05:30:20 EDT 2026 x86_64 Current Path : /home/u323559503/domains/purplelimonada.com/public_html/panel/admin/app/ |
| Current File : /home/u323559503/domains/purplelimonada.com/public_html/panel/admin/app/login_crud.php |
<?php
include("../../assets/constant/config.php");
session_start();
try {
$conn = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password);
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
if (isset($_POST['submit'])) {
$stmt9 = $conn->prepare("SELECT * FROM `manage_web` ");
$stmt9->execute();
$record9 = $stmt9->fetch();
if ($record9['captcha'] == '0') {
if (isset($_POST['g-recaptcha-response'])) {
$stmt1 = $conn->prepare("SELECT * FROM `manage_web` ");
$stmt1->execute();
$record1 = $stmt1->fetchAll();
foreach ($record1 as $key1) {
$secretekey = $key1['secretkey'];
}
$ip = $_SERVER['REMOTE_ADDR'];
$response = $_POST['g-recaptcha-response'];
$url = "https://www.google.com/recaptcha/api/siteverify?secret=$secretekey&response=$response&remoteip=$ip";
$fire = file_get_contents($url);
$data = json_decode($fire);
if ($data->success == true) {
$passw = hash('sha256', $_POST['password']);
function createSalt()
{
return '2123293dsj2hu2nikhiljdsd';
}
$salt = createSalt();
$password = hash('sha256', $salt . $passw);
$stmt1 = $conn->prepare("SELECT * FROM `login` where email='" . $_POST['email'] . "' AND password='" . $password . "'");
$stmt1->execute();
$record = $stmt1->fetchAll();
$res = count($record);
if ($res > 0) {
foreach ($record as $res) {
if ($password == $res['password']) {
$_SESSION['id'] = $res['id'];
}
header("location:../dashboard.php");
}
} else {
echo '<script>
alert("Wrong Password or Email");
window.location.href = "../../index.php";
</script>';
}
} else {
echo '<script>
alert("Please Fill the Captcha");
window.location.href = "../../index.php";
</script>';
}
}
} else {
$passw = hash('sha256', $_POST['password']);
function createSalt()
{
return '2123293dsj2hu2nikhiljdsd';
}
$salt = createSalt();
$password = hash('sha256', $salt . $passw);
$stmt1 = $conn->prepare("SELECT * FROM `login` where email='" . $_POST['email'] . "' AND password='" . $password . "'");
$stmt1->execute();
$record = $stmt1->fetchAll();
$res = count($record);
if ($res > 0) {
foreach ($record as $res) {
if ($password == $res['password']) {
$_SESSION['id'] = $res['id'];
}
header("location:../dashboard.php");
}
} else {
echo '<script>
alert("Wrong Password or Email");
window.location.href = "../../index.php";
</script>';
}
}
}
} catch (PDOException $e) {
echo "Connection failed: " . $e->getMessage();
}