<?php/* * Admin Login - AQW CMS * @author - ChromeWolf * Modified - 6/6

1. <?php
2. /*
3. * Admin Login - AQW CMS
4. * @author - ChromeWolf
5. * Modified - 6/6/2012
6. * Todo :
7. - Use Classes & Objects
8. - *********************
9. *
10.  
11. */
12. include('includes/config.php');
13. session_start();
14. date_default_timezone_set('UTC');
15. if($_SERVER["REQUEST_METHOD"] == "POST")
16. {
17. $username = $_POST['username'];
18. $password = $_POST['password'];
19. $ip = $_SERVER['REMOTE_ADDR'];
20. $date = date('l jS \of F Y h:i:s A');
21. $encrypted_password = md5($password);
22. if(empty($username)) {
23. echo "<script>alert('Please Enter a Username');</script>";
24. echo "<script>window.location='login.php';</script>";
25. die();
26. }
27. if(empty($password)) {
28. echo "<script>alert('Please Enter a Password');</script>";
29. echo "<script>window.location='login.php';</script>";
30. die();
31. }
32. $sql="SELECT id FROM cms_admin WHERE username='$username' and password='$encrypted_password'";
33.  
34. $result=mysql_query($sql);
35. $row=mysql_fetch_array($result);
36. $count=mysql_num_rows($result);
37. if($count==1) {
38. session_regenerate_id();
39. $_SESSION['admin'] = $username;
40. $_SESSION['id'] = $row['id'];
41. mysql_query("INSERT INTO `cms_admin_logs`(`ip`, `username`, `date`, `action`) VALUES ('$ip','$username','$date', 'Admin Login')") or die(mysql_error());
42. header("location: dashboard.php?login=success");
43. }
44. else {
45. mysql_query("INSERT INTO `cms_admin_logs`(`ip`, `username`, `date`, `action`) VALUES ('$ip','$username','$date', 'Invalid Login')") or die(mysql_error());
46. echo "<script>alert('Your login credentials are invalid.');</script>";
47. echo "<script>window.location='login.php';</script>";
48. }
49. }
50. include('templates/template.login.php');
51. ?>