2013-02-13 107 views
0

好吧,所以我已經下載了mibew messenger,我想定製按鈕,所以我進入login.php並且登錄的實際提交按鈕是type="image",所以我更改爲type="submit",當我提交表單我得到一個不正確的用戶名/密碼錯誤,無論如何,我很困惑,所以我正在查看其他文件的負載,看看我是否能找到任何與type="image"有關的東西,只是在有些事情可以識別type="image",以及我不知道,我沒有找到任何東西,但我沒有發現的是,當我輸入admin到用戶名和點擊login提交按鈕它返回登錄錯誤,但也在我把admin現在有值type="submit"所以在這種情況下它是sa ys login因爲值是value="login",我真的很困惑,我想也許它提交「登錄」而不是「管理員」作爲用戶名。輸入類型提交登錄錯誤

這裏是提交之前和之後的按鈕:

<input type="submit" name="login" value="login" >

ORIGINAL

<input type="image" name="login" src='<?php echo $webimroot.getlocal("image.button.login") ?>' alt='<?php echo getlocal("button.enter") ?>'/> 

如果我改回原來的正常工作,但我想用css而不是圖片。

另外,這將是很難做出一個jsfiddle,否則我會做一個。

這是login.php中哪裏是帖子這是包含在operator.php的login.php

$can_administrate = 0; 
$can_takeover = 1; 
$can_viewthreads = 2; 
$can_modifyprofile = 3; 

$can_count = 4; 

$permission_ids = array(
    $can_administrate => "admin", 
    $can_takeover => "takeover", 
    $can_viewthreads => "viewthreads", 
    $can_modifyprofile => "modifyprofile" 
); 

function operator_by_login($login) 
{ 
    global $mysqlprefix; 
    $link = connect(); 
    $operator = select_one_row(
     "select * from ${mysqlprefix}chatoperator where vclogin = '" . mysql_real_escape_string($login) . "'", $link); 
    mysql_close($link); 
    return $operator; 
} 

function operator_by_email($mail) 
{ 
    global $mysqlprefix; 
    $link = connect(); 
    $operator = select_one_row(
     "select * from ${mysqlprefix}chatoperator where vcemail = '" . mysql_real_escape_string($mail) . "'", $link); 
    mysql_close($link); 
    return $operator; 
} 

function operator_by_id_($id, $link) 
{ 
    global $mysqlprefix; 
    return select_one_row(
     "select * from ${mysqlprefix}chatoperator where operatorid = $id", $link); 
} 

function operator_by_id($id) 
{ 
    $link = connect(); 
    $operator = operator_by_id_($id, $link); 
    mysql_close($link); 
    return $operator; 
} 

function operator_get_all() 
{ 
    global $mysqlprefix; 
    $link = connect(); 

    $query = "select operatorid, vclogin, vclocalename, vccommonname, istatus, (unix_timestamp(CURRENT_TIMESTAMP)-unix_timestamp(dtmlastvisited)) as time " . 
      "from ${mysqlprefix}chatoperator order by vclogin"; 
    $operators = select_multi_assoc($query, $link); 
    mysql_close($link); 
    return $operators; 
} 

function operator_is_online($operator) 
{ 
    global $settings; 
    return $operator['time'] < $settings['online_timeout']; 
} 

function operator_is_available($operator) 
{ 
    global $settings; 
    return $operator['istatus'] == 0 && $operator['time'] < $settings['online_timeout'] ? "1" : ""; 
} 

function operator_is_away($operator) 
{ 
    global $settings; 
    return $operator['istatus'] != 0 && $operator['time'] < $settings['online_timeout'] ? "1" : ""; 
} 

function update_operator($operatorid, $login, $email, $password, $localename, $commonname) 
{ 
    global $mysqlprefix; 
    $link = connect(); 
    $query = sprintf(
     "update ${mysqlprefix}chatoperator set vclogin = '%s',%s vclocalename = '%s', vccommonname = '%s'" . 
     ", vcemail = '%s', vcjabbername= '%s'" . 
     " where operatorid = %s", 
     mysql_real_escape_string($login), 
     ($password ? " vcpassword='" . md5($password) . "'," : ""), 
     mysql_real_escape_string($localename), 
     mysql_real_escape_string($commonname), 
     mysql_real_escape_string($email), 
     '', 
     $operatorid); 

    perform_query($query, $link); 
    mysql_close($link); 
} 

function update_operator_avatar($operatorid, $avatar) 
{ 
    global $mysqlprefix; 
    $link = connect(); 
    $query = sprintf(
     "update ${mysqlprefix}chatoperator set vcavatar = '%s' where operatorid = %s", 
     mysql_real_escape_string($avatar), $operatorid); 

    perform_query($query, $link); 
    mysql_close($link); 
} 

function create_operator_($login, $email, $password, $localename, $commonname, $avatar, $link) 
{ 
    global $mysqlprefix; 
    $query = sprintf(
     "insert into ${mysqlprefix}chatoperator (vclogin,vcpassword,vclocalename,vccommonname,vcavatar,vcemail,vcjabbername) values ('%s','%s','%s','%s','%s','%s','%s')", 
     mysql_real_escape_string($login), 
     md5($password), 
     mysql_real_escape_string($localename), 
     mysql_real_escape_string($commonname), 
     mysql_real_escape_string($avatar), 
     mysql_real_escape_string($email), ''); 

    perform_query($query, $link); 
    $id = mysql_insert_id($link); 

    return select_one_row("select * from ${mysqlprefix}chatoperator where operatorid = $id", $link); 
} 

function create_operator($login, $email, $password, $localename, $commonname, $avatar) 
{ 
    $link = connect(); 
    $newop = create_operator_($login, $email, $password, $localename, $commonname, $avatar, $link); 
    mysql_close($link); 
    return $newop; 
} 

function notify_operator_alive($operatorid, $istatus) 
{ 
    global $mysqlprefix; 
    $link = connect(); 
    perform_query("update ${mysqlprefix}chatoperator set istatus = $istatus, dtmlastvisited = CURRENT_TIMESTAMP where operatorid = $operatorid", $link); 
    mysql_close($link); 
} 

function has_online_operators($groupid = "") 
{ 
    global $settings, $mysqlprefix; 
    loadsettings(); 
    $link = connect(); 
    $query = "select count(*) as total, min(unix_timestamp(CURRENT_TIMESTAMP)-unix_timestamp(dtmlastvisited)) as time from ${mysqlprefix}chatoperator"; 
    if ($groupid) { 
     $query .= ", ${mysqlprefix}chatgroupoperator where groupid = $groupid and ${mysqlprefix}chatoperator.operatorid = ${mysqlprefix}chatgroupoperator.operatorid and istatus = 0"; 
    } else { 
     $query .= " where istatus = 0"; 
    } 
    $row = select_one_row($query, $link); 
    mysql_close($link); 
    return $row['time'] < $settings['online_timeout'] && $row['total'] > 0; 
} 

function is_operator_online($operatorid, $link) 
{ 
    global $settings, $mysqlprefix; 
    loadsettings_($link); 
    $query = "select count(*) as total, min(unix_timestamp(CURRENT_TIMESTAMP)-unix_timestamp(dtmlastvisited)) as time " . 
      "from ${mysqlprefix}chatoperator where operatorid = $operatorid"; 
    $row = select_one_row($query, $link); 
    return $row['time'] < $settings['online_timeout'] && $row['total'] == 1; 
} 

function get_operator_name($operator) 
{ 
    global $home_locale, $current_locale; 
    if ($home_locale == $current_locale) 
     return $operator['vclocalename']; 
    else 
     return $operator['vccommonname']; 
} 

function append_query($link, $pv) 
{ 
    $infix = '?'; 
    if (strstr($link, $infix) !== FALSE) 
     $infix = '&amp;'; 
    return "$link$infix$pv"; 
} 

function check_login($redirect = true) 
{ 
    global $root, $mysqlprefix; 
    if (!isset($_SESSION["${mysqlprefix}operator"])) { 
     if (isset($_COOKIE['webim_lite'])) { 
      list($login, $pwd) = preg_split("/,/", $_COOKIE['webim_lite'], 2); 
      $op = operator_by_login($login); 
      if ($op && isset($pwd) && isset($op['vcpassword']) && md5($op['vcpassword']) == $pwd) { 
       $_SESSION["${mysqlprefix}operator"] = $op; 
       return $op; 
      } 
     } 
     $requested = $_SERVER['PHP_SELF']; 
     if ($_SERVER['REQUEST_METHOD'] == 'GET' && $_SERVER['QUERY_STRING']) { 
      $requested .= "?" . $_SERVER['QUERY_STRING']; 
     } 
     if ($redirect) { 
      $_SESSION['backpath'] = $requested; 
      header("Location: $root/agent/login.php"); 
      exit; 
     } else { 
      return null; 
     } 
    } 
    return $_SESSION["${mysqlprefix}operator"]; 
} 

function get_logged_in() 
{ 
    global $mysqlprefix; 
    return isset($_SESSION["${mysqlprefix}operator"]) ? $_SESSION["${mysqlprefix}operator"] : FALSE; 
} 

function login_operator($operator, $remember) 
{ 
    global $root, $mysqlprefix; 
    $_SESSION["${mysqlprefix}operator"] = $operator; 
    if ($remember) { 
     $value = $operator['vclogin'] . "," . md5($operator['vcpassword']); 
     setcookie('webim_lite', $value, time() + 60 * 60 * 24 * 1000, "$root/"); 

    } else if (isset($_COOKIE['webim_lite'])) { 
     setcookie('webim_lite', '', time() - 3600, "$root/"); 
    } 
} 

function logout_operator() 
{ 
    global $root, $mysqlprefix; 
    unset($_SESSION["${mysqlprefix}operator"]); 
    unset($_SESSION['backpath']); 
    if (isset($_COOKIE['webim_lite'])) { 
     setcookie('webim_lite', '', time() - 3600, "$root/"); 
    } 
} 

function setup_redirect_links($threadid, $token) 
{ 
    global $page, $root, $settings, $mysqlprefix; 
    loadsettings(); 
    $link = connect(); 

    $operatorscount = db_rows_count("${mysqlprefix}chatoperator", array(), "", $link); 

    $groupscount = 0; 
    $groups = array(); 
    if ($settings['enablegroups'] == "1") { 
     foreach (get_groups($link, true) as $group) { 
      if ($group['inumofagents'] == 0) { 
       continue; 
      } 
      $groups[] = $group; 
     } 
     $groupscount = count($groups); 
    } 

    prepare_pagination(max($operatorscount, $groupscount), 8); 
    $p = $page['pagination']; 
    $limit = $p['limit']; 

    $operators = select_multi_assoc(db_build_select(
             "operatorid, vclogin, vclocalename, vccommonname, istatus, (unix_timestamp(CURRENT_TIMESTAMP)-unix_timestamp(dtmlastvisited)) as time", 
             "${mysqlprefix}chatoperator", array(), "order by vclogin $limit"), $link); 

    $groups = array_slice($groups, $p['start'], $p['end'] - $p['start']); 
    mysql_close($link); 

    $agent_list = ""; 
    $params = array('thread' => $threadid, 'token' => $token); 
    foreach ($operators as $agent) { 
     $params['nextAgent'] = $agent['operatorid']; 
     $status = $agent['time'] < $settings['online_timeout'] 
       ? ($agent['istatus'] == 0 
         ? getlocal("char.redirect.operator.online_suff") 
         : getlocal("char.redirect.operator.away_suff") 
       ) 
       : ""; 
     $agent_list .= "<li><a href=\"" . add_params($root . "/agent/redirect.php", $params) . 
         "\" title=\"" . topage(get_operator_name($agent)) . "\">" . 
         topage(get_operator_name($agent)) . 
         "</a> $status</li>"; 
    } 
    $page['redirectToAgent'] = $agent_list; 

    $group_list = ""; 
    if ($settings['enablegroups'] == "1") { 
     $params = array('thread' => $threadid, 'token' => $token); 
     foreach ($groups as $group) { 
      $params['nextGroup'] = $group['groupid']; 
      $status = $group['ilastseen'] !== NULL && $group['ilastseen'] < $settings['online_timeout'] 
        ? getlocal("char.redirect.operator.online_suff") 
        : ($group['ilastseenaway'] !== NULL && $group['ilastseenaway'] < $settings['online_timeout'] 
          ? getlocal("char.redirect.operator.away_suff") 
          : ""); 
      $group_list .= "<li><a href=\"" . add_params($root . "/agent/redirect.php", $params) . 
          "\" title=\"" . topage(get_group_name($group)) . "\">" . 
          topage(get_group_name($group)) . 
          "</a> $status</li>"; 
     } 
    } 
    $page['redirectToGroup'] = $group_list; 
} 

$permission_list = array(); 

function get_permission_list() 
{ 
    global $permission_list, $permission_ids; 
    if (count($permission_list) == 0) { 
     foreach ($permission_ids as $permid) { 
      $permission_list[] = array(
       'id' => $permid, 
       'descr' => getlocal("permission.$permid") 
      ); 
     } 
    } 
    return $permission_list; 
} 

function is_capable($perm, $operator) 
{ 
    $permissions = $operator && isset($operator['iperm']) ? $operator['iperm'] : 0; 
    return $perm >= 0 && $perm < 32 && ($permissions & (1 << $perm)) != 0; 
} 

function prepare_menu($operator, $hasright = true) 
{ 
    global $page, $settings, $can_administrate; 
    $page['operator'] = topage(get_operator_name($operator)); 
    if ($hasright) { 
     loadsettings(); 
     $page['showban'] = $settings['enableban'] == "1"; 
     $page['showgroups'] = $settings['enablegroups'] == "1"; 
     $page['showstat'] = $settings['enablestatistics'] == "1"; 
     $page['showadmin'] = is_capable($can_administrate, $operator); 
     $page['currentopid'] = $operator['operatorid']; 
    } 
} 

function get_all_groups($link) 
{ 
    global $mysqlprefix; 
    $query = "select ${mysqlprefix}chatgroup.groupid as groupid, vclocalname, vclocaldescription from ${mysqlprefix}chatgroup order by vclocalname"; 
    return select_multi_assoc($query, $link); 
} 

function get_groups($link, $checkaway) 
{ 
    global $mysqlprefix; 
    $query = "select ${mysqlprefix}chatgroup.groupid as groupid, vclocalname, vclocaldescription" . 
      ", (SELECT count(*) from ${mysqlprefix}chatgroupoperator where ${mysqlprefix}chatgroup.groupid = ${mysqlprefix}chatgroupoperator.groupid) as inumofagents" . 
      ", (SELECT min(unix_timestamp(CURRENT_TIMESTAMP)-unix_timestamp(dtmlastvisited)) as time " . 
      "from ${mysqlprefix}chatgroupoperator, ${mysqlprefix}chatoperator where istatus = 0 and ${mysqlprefix}chatgroup.groupid = ${mysqlprefix}chatgroupoperator.groupid " . 
      "and ${mysqlprefix}chatgroupoperator.operatorid = ${mysqlprefix}chatoperator.operatorid) as ilastseen" . 
      ($checkaway 
        ? ", (SELECT min(unix_timestamp(CURRENT_TIMESTAMP)-unix_timestamp(dtmlastvisited)) as time " . 
         "from ${mysqlprefix}chatgroupoperator, ${mysqlprefix}chatoperator where istatus <> 0 and ${mysqlprefix}chatgroup.groupid = ${mysqlprefix}chatgroupoperator.groupid " . 
         "and ${mysqlprefix}chatgroupoperator.operatorid = ${mysqlprefix}chatoperator.operatorid) as ilastseenaway" 
        : "" 
      ) . 
      " from ${mysqlprefix}chatgroup order by vclocalname"; 
    return select_multi_assoc($query, $link); 
} 

function get_operator_groupids($operatorid) 
{ 
    global $mysqlprefix; 
    $link = connect(); 
    $query = "select groupid from ${mysqlprefix}chatgroupoperator where operatorid = $operatorid"; 
    $result = select_multi_assoc($query, $link); 
    mysql_close($link); 
    return $result; 
} 

而且它不會讓我,如果你添加更多的代碼數據

require_once('../libs/common.php'); 
require_once('../libs/operator.php'); 

$errors = array(); 
$page = array('formisRemember' => true, 'version' => $version); 

if (isset($_POST['login']) && isset($_POST['password'])) { 
    $login = getparam('login'); 
    $password = getparam('password'); 
    $remember = isset($_POST['isRemember']) && $_POST['isRemember'] == "on"; 

    $operator = operator_by_login($login); 
    if ($operator && isset($operator['vcpassword']) && $operator['vcpassword'] == md5($password)) { 

     $target = isset($_SESSION['backpath']) 
       ? $_SESSION['backpath'] 
       : "$root/agent/index.php"; 

     login_operator($operator, $remember); 
     header("Location: $target"); 
     exit; 
    } else { 
     $errors[] = getlocal("page_login.error"); 
     $page['formlogin'] = $login; 
    } 
} 

$page['localeLinks'] = get_locale_links("$root/agent/login.php"); 
start_html_output(); 
require('../display/login.php'); 

需要common.php讓我知道

+0

把你的php代碼 – Cooper 2013-02-13 19:08:37

+3

你意識到,當你使用圖像作爲提交按鈕,你提交的按鈕點擊的X/Y座標?也許這個腳本正在尋找值「login」被傳回給它,現在你已經刪除了它。 – 2013-02-13 19:09:31

+0

我已經添加了一些php代碼 – iConnor 2013-02-13 19:21:29

回答

1

沒有看到你的PHP很難說,但它可能是該圖像提交「登錄」作爲POST/GET變量值數組(x,y),其中提交類型將只是一個STRI ng值。如果您根據該值檢查提交內容,則需要進行一些更改。

編輯:

看你的代碼,它看起來就像你可能會使用「登錄」作爲用戶名,並提交按鈕。嘗試將提交按鈕名稱更改爲其他名稱。

<input type="submit" name="loginButton" value="login" /> 
+0

爲什麼downvote? – fanfavorite 2013-02-13 19:18:45

+0

人們總是這樣做,爲此它永遠不會解釋爲什麼他們這樣做不擔心 – iConnor 2013-02-13 19:21:07

+0

是的,好的,但我找不到任何有關x和y我已經添加了一些php代碼 – iConnor 2013-02-13 19:25:31