Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- /*
- * Admin Login - AQW CMS
- * @author - ChromeWolf
- * Modified - 6/6/2012
- * Todo :
- - Use Classes & Objects
- - *********************
- *
- */
- include('includes/config.php');
- session_start();
- date_default_timezone_set('UTC');
- if($_SERVER["REQUEST_METHOD"] == "POST")
- {
- $username = $_POST['username'];
- $password = $_POST['password'];
- $ip = $_SERVER['REMOTE_ADDR'];
- $date = date('l jS \of F Y h:i:s A');
- $encrypted_password = md5($password);
- if(empty($username)) {
- echo "<script>alert('Please Enter a Username');</script>";
- echo "<script>window.location='login.php';</script>";
- die();
- }
- if(empty($password)) {
- echo "<script>alert('Please Enter a Password');</script>";
- echo "<script>window.location='login.php';</script>";
- die();
- }
- $sql="SELECT id FROM cms_admin WHERE username='$username' and password='$encrypted_password'";
- $result=mysql_query($sql);
- $row=mysql_fetch_array($result);
- $count=mysql_num_rows($result);
- if($count==1) {
- session_regenerate_id();
- $_SESSION['admin'] = $username;
- $_SESSION['id'] = $row['id'];
- mysql_query("INSERT INTO `cms_admin_logs`(`ip`, `username`, `date`, `action`) VALUES ('$ip','$username','$date', 'Admin Login')") or die(mysql_error());
- header("location: dashboard.php?login=success");
- }
- else {
- mysql_query("INSERT INTO `cms_admin_logs`(`ip`, `username`, `date`, `action`) VALUES ('$ip','$username','$date', 'Invalid Login')") or die(mysql_error());
- echo "<script>alert('Your login credentials are invalid.');</script>";
- echo "<script>window.location='login.php';</script>";
- }
- }
- include('templates/template.login.php');
- ?>
Add Comment
Please, Sign In to add comment