Location: PHPKode > projects > DDL CMS > Upload these files to your webspace/admin/login.php
<?php

/**********************************************************
*  ______   ______   ___      _______  ___ ___  _______   *
* |   _  \ |   _  \ |   |    |   _   ||   Y   ||   _   |  *
* |.  |   \|.  |   \|.  |    |.  1___||.      ||   1___|  *
* |.  |    |.  |    |.  |___ |.  |___ |. \_/  ||____   |  *
* |:  1    |:  1    |:  1   ||:  1   ||:  |   ||:  1   |  *
* |::.. . /|::.. . /|::.. . ||::.. . ||::.|:. ||::.. . |  *
* `------' `------' `-------'`-------'`--- ---'`-------'  *
*                                _______        _______   *
*                    .--.--.    |   _   |      |       |  *
*                    |  |  |    |___|   |  __  |___|   |  *
*                     \___/      _(__   | |__|  /  ___/   *
*                               |:  1   |      |:  1  \   *
*                               |::.. . |      |::.. . |  *
*                               `-------'      `-------'  *
*                                                         *
*                                   Script: DDLCMS v3.2   *
*                                 Author: Little Dragon   *
*                              Email: hide@address.com   *
*                        Website: http://www.ddlcms.com   *
*                                                         *
*    Please direct bug reports, suggestions or feedback   *
*                                 to the DDLCMS forums:   *
*                                                         *
*                          http://www.ddlcms.com/forums   *
*                                                         *
*    DDLCMS is a commercial grade content management      *
*    system for DDL site owners. It is provided free      *
*    of charge, provided:                                 *
*                                                         *
*    1. You keep the linkback to http://www.ddlcms.com    *
*       in the footer.                                    *
*                                                         *
*    2. You keep the sponsored links to Sharingzone.net   *
*       on your site.                                     *
*                                                         *
*    By using this script, you agree that you will not    *
*    modify, remove, or replace any encoded parts of      *
*    this script. All encoded parts MUST remain intact    *
*    for your site to remain in good standing.            *
*                                                         *
**********************************************************/

	if(isset($_GET) && is_array($_GET) && count($_GET) == 1 && array_key_exists('logout', $_GET))
	{
		$_SESSION = NULL;
		session_destroy();
		header('Location: ' . $site_url . '/admin/');
	}
	if((!isset($_SESSION) || !is_array($_SESSION) || !array_key_exists('authuser', $_SESSION)) && checkPostForm('adminLogin', $_POST) === TRUE)
	{
		$username = hash('sha512', $_POST['username']);
		$password = hash('sha512', $_POST['password']);
		$login = $_POST['login'];
		$get = dbcom('SELECT * FROM auth LIMIT 1;');
		$bannedIPQuery = dbcom("SELECT id FROM admin_bannedips WHERE ip = '{$_SERVER['REMOTE_ADDR']}' LIMIT 1;");
		$bannedIPs = mysql_num_rows($bannedIPQuery);
		$row = mysql_fetch_assoc($get);
		$adminuser = $row['user'];
		$adminpass = $row['pass'];
		$locked = $row['locked'];
		$failedLoginQuery = dbcom("SELECT TIMESTAMPDIFF(MINUTE, (SELECT loginTime FROM admin_logins WHERE ip = '{$_SERVER['REMOTE_ADDR']}' AND loginType = 0 AND viewed = 0 ORDER BY id DESC LIMIT 4,1), (SELECT loginTime FROM admin_logins WHERE ip = '{$_SERVER['REMOTE_ADDR']}' AND loginType = 0 AND viewed = 0 ORDER BY id DESC LIMIT 1)) AS theDiff, TIMESTAMPDIFF(HOUR, (SELECT loginTime FROM admin_logins WHERE ip = '{$_SERVER['REMOTE_ADDR']}' AND loginType = 0 AND viewed = 0 ORDER BY id DESC LIMIT 1), NOW()) AS theInterval;");
		$failedLoginArray = mysql_fetch_assoc($failedLoginQuery);
		session_start();
		if($_SESSION['authuser'] != $adminuser)
		{
			if(!$login)
			{
				loginpage(FALSE);
			}
			elseif($bannedIPs == 1)
			{
				loginpage('locked');
			}
			elseif($failedLoginArray['theDiff'] != NULL && $failedLoginArray['theDiff'] <= 30 && $failedLoginArray['theInterval'] != NULL && $failedLoginArray['theInterval'] < 24)
			{
				loginpage('lock');
			}
			elseif(($username != $adminuser) || ($password != $adminpass))
			{
				loginpage(TRUE);
			}
			else
			{
				$_SESSION['authuser'] = $adminuser;
				dbcom("INSERT INTO admin_logins VALUES(NULL, '{$_SERVER['REMOTE_ADDR']}', NOW(), 1, 1);");
				dbcom("UPDATE auth SET locked = 0 WHERE user = '$adminuser' LIMIT 1;");
				header('Location: ' . $_SERVER['REQUEST_URI']);
			}
		}
	}
	elseif((!isset($_SESSION) || !is_array($_SESSION) || !array_key_exists('authuser', $_SESSION)) && checkPostForm('adminLogin', $_POST) !== TRUE)
	{
		# else we enter the restricted area
		loginpage(FALSE);
		session_destroy();
	}
?>
Return current item: DDL CMS