1 files changed, 30 insertions, 0 deletions
diff --git a/admin/login.php b/admin/login.php
new file mode 100644
index 0000000..f938664
--- /dev/null
+++ b/admin/login.php

@@ -0,0 +1,30 @@
+<?php
+if (!isset($_GET['submit']))
+{
+?>
+<FORM ACTION="/admin/login.php?submit=" METHOD="POST">
+Username: <INPUT TYPE="text" NAME="user"><BR>
+Password: <INPUT TYPE="password" NAME="pass"><BR>
+<INPUT TYPE="submit"></FORM>
+<?php
+} else {
+        $getconfig = "SELECT * FROM config WHERE name = \"username\" OR name = \"password\" ORDER BY name DESC";
+        $getconfig2 = mysql_query($getconfig) or die($getconfig);
+        $username = mysql_fetch_array($getconfig2);
+        $password = mysql_fetch_array($getconfig2);
+        if (($username['value'] == $_POST['user']) && ($password['value'] == md5($_POST['pass'])))
+        {
+                $_SESSION['username'] = $_POST['user'];
+                header('Location: /admin/');
+                exit;
+        } else {
+?><H2>Incorrect login</H2><?php
+        }
+}
+?>

diff --git a/admin/login.php b/admin/login.php new file mode 100644 index 0000000..f938664 --- /dev/null +++ b/admin/login.php
@@ -0,0 +1,30 @@
	1	<?php
	2
	3	if (!isset($_GET['submit']))
	4	{
	5
	6	?>
	7	<FORM ACTION="/admin/login.php?submit=" METHOD="POST">
	8	Username: <INPUT TYPE="text" NAME="user"><BR>
	9	Password: <INPUT TYPE="password" NAME="pass"><BR>
	10	<INPUT TYPE="submit"></FORM>
	11	<?php
	12
	13	} else {
	14	$getconfig = "SELECT * FROM config WHERE name = \"username\" OR name = \"password\" ORDER BY name DESC";
	15	$getconfig2 = mysql_query($getconfig) or die($getconfig);
	16	$username = mysql_fetch_array($getconfig2);
	17	$password = mysql_fetch_array($getconfig2);
	18
	19	if (($username['value'] == $_POST['user']) && ($password['value'] == md5($_POST['pass'])))
	20	{
	21	$_SESSION['username'] = $_POST['user'];
	22
	23	header('Location: /admin/');
	24	exit;
	25	} else {
	26	?><H2>Incorrect login</H2><?php
	27	}
	28	}
	29
	30	?>