|
3 | 3 | session_start(); |
4 | 4 | $status = $_SESSION['status']; |
5 | 5 | if($status == "1"){ |
6 | | -}else if($status != "1"){ |
| 6 | + if($_SESSION['logged_in']=="1"){ |
| 7 | + echo "<p style=\"color:red;\"><b>You are already logged in!!!</b></p>"; |
| 8 | + $_SESSION['logged_in']="0"; |
| 9 | +}}else if($status != "1"){ |
7 | 10 | header("Location: /404.php");} |
8 | | - |
9 | 11 | ?> |
10 | 12 | <html> |
11 | 13 | <head> |
12 | 14 | <title>Admin Panel</title> |
13 | 15 | </head> |
14 | 16 | <body> |
| 17 | +<h1 style="text-align: center;">Admin Panel</h1> |
| 18 | +<a href="logout.php">Logout</a><hr> |
15 | 19 | <p>Below is version v.000001 of admin panel by NerdOfCode</p> |
16 | 20 | <p>You can execute shell commands seperately from Mysql commands</p> |
17 | 21 | <form action="" name="query" id="query" method="post"> |
18 | 22 | SHELL:   <input type="text" id="query_box" name="query_box" placeholder="Ex: whoami"></input><br><br> |
19 | | - DBNAM: <input type="text" id="mysql_get" name="mysql_get" placeholder="ex: custom"></input><br><br> |
20 | | - HOST :    <input type="text" id="host" name="host" placeholder="localhost"></input><br><br> |
21 | | - USER :    <input type="text" id="user" name="user"></input><br><br> |
22 | | - PASS :     <input type="password" id="pass" name="pass"></input></br><br> |
23 | | - QUERY:   <input type="text" id="myquery" name="myquery" placeholder="SELECT * FROM test;"></input><br><br> |
| 23 | + DBNAM: <input type="text" id="mysql_get" name="mysql_get" placeholder="ex: custom" value="<?php echo $_SESSION[udb];?>"></input><br><br> |
| 24 | + HOST :    <input type="text" id="host" name="host" placeholder="localhost" value="<?php echo $_SESSION['host'];?>"></input><br><br> |
| 25 | + USER :    <input type="text" id="user" name="user" value="<?php echo $_SESSION['mysql_user'];?>"></input><br><br> |
| 26 | + PASS :     <input type="password" id="pass" name="pass" value="<?php echo $_SESSION['mysql_pass'];?>"></input></br><br> |
| 27 | + QUERY:   <input type="text" id="myquery" name="myquery" placeholder="SELECT * FROM test;" value="<?php echo $_SESSION['query'];?>"></input><br><br> |
24 | 28 | <button type="Submit" value="Submit">Submit</button> |
| 29 | + |
25 | 30 | </form> |
| 31 | + |
26 | 32 | </body> |
27 | 33 |
|
28 | 34 | <?php |
|
31 | 37 | $pass=$_POST['pass']; |
32 | 38 | $query=$_POST['myquery'];//Commands |
33 | 39 | $host=$_POST['host']; |
| 40 | +//Set all current values as session variables below |
| 41 | +$_SESSION['saved_info']="1";$_SESSION['udb']="$udb";$_SESSION['mysql_user']="$user";$_SESSION['mysql_pass']="$pass";$_SESSION['query']="$query";$_SESSION['host']="$host"; |
34 | 42 |
|
35 | 43 |
|
36 | | - |
37 | | - |
38 | | -$db = mysqli_connect($host,$user,$pass,$udb) or die("Error connection to MySQL failed"); |
| 44 | +$db = mysqli_connect($host,$user,$pass,$udb) or die("<p style=\"color:red;\"><b>Error: </b> connection to MySQL failed. Please re-enter information and try again.</p>"); |
39 | 45 | mysqli_query($db, $query) or die("Unable to access MYSQL"); |
40 | 46 | $result = mysqli_query($db, $query); |
41 | 47 | $row = mysqli_fetch_array($result); |
|
0 commit comments