Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- if (isset($_SESSION["manager"])){
- header("location: index.php");
- exit();
- }
- ?>
- <?php
- //Parse the login form if the user has filled it out and pressed "Log in"
- if (isset($_POST["username"]) && isset($_POST["password"])){
- $manager = preg_replace('#[^A-Za-z0-9]#i','',$_POST["username"]);//filter everything but numbers & letters
- $password = preg_replace('#[^A-Za-z0-9]#i','',$_POST["password"]);//filter everything but numbers & letters
- //connect to the MySQL database
- include ("/home/lateral/public_html_com533/Scripts/connect_to_mysql.php");
- $sql = mysql_query("SELECT id FROM admin WHERE username='$manager' AND password='$password' LIMIT 1"); //query the person
- //------MAKE SURE PERSON EXISTS IN DATABASE ------
- $existCount= mysql_num_rows($sql); //count the row nums
- if ($existCount == 1) {// evaluate the count
- while($row = mysql_fetch_array($sql)){
- $id = $row["id"];
- }
- $_SESSION["id"] = $id;
- $_SESSION["manager"] = $manager;
- $_SESSION["password"] = $password;
- header("location: index.php");
- exit();
- }else{
- echo 'That information is incorrect, try again <a href="index.php">Click here</a>';
- exit();
- }
- }
- ?>
- <?php # Script 3.4 - index.php
- $page_title = 'Store Admin Page';
- include ("../includes/header.php");
- ?>
- <h2>Please log in to manage the store</h2>
- <form id="" method="post" action="admin_login.php">
- <label for="username" Username:</label>
- <input name="username" placeholder="Username" type="text" id="username" size="40"/>
- <label for="password" Password:</label>
- <input name="password" placeholder="Password" type="password" id="password" size="40"/>
- <label>
- <input type="submit" name="button" id="button" value="login"/>
- </label>
- </form>
- <?php
- include ('../includes/footer.php');
- ?>
Add Comment
Please, Sign In to add comment