<form id="1" name="1" action="pass.php" method="post"><div class="login">

1. <form id="1" name="1" action="pass.php" method="post">
2. <div class="login">
3.  
4. <input placeholder="Usuário" type="text" id="username" size="25" name="name" /><br>
5. <input placeholder="Senha" id="pass" type="password" size="25" name="pass" /><br>
6. <input type="submit" name="_2" value="Login" />
7. <input type="hidden" name="ed_type" value="" />
8. <input type="hidden" name="redirect" value="<? echo $redirect;?>" />
9. </div>
10. </form>
11.  
12. <?
13. session_start();
14. $usuario_admin=isset($_SESSION['1x11'])?$_SESSION['1x11']:'';
15.  
16. include("conf.inc.php");
17. include("conectar.php");
18.  
19. $query="select * from admin where username='".$_POST["name"]."' and pass=MD5('".$_POST["pass"]."')";
20. $result=mysql_query($query,$db);
21. $row=mysql_fetch_array($result);
22. $total = mysql_num_rows($result);
23. $name=$_POST['name'];
24. $pass=$_POST['pass'];
25. $ADMIN_USERNAME=$row["username"];
26. $ADMIN_PASSWORD=$row["pass"];
27.  
28. if($total>0){
29. if($name==$ADMIN_USERNAME && $pass==$ADMIN_PASSWORD){
30. if($usuario_admin!='') $_SESSION['1x11']="";
31. $_SESSION["1x11"] = $name;
32. $_SESSION['logedin'] = true;
33. $_SESSION["type"] = $row["type"];
34. $_SESSION["usrname"] = $name;
35. $_SESSION["logid"] = $row["id"];
36. header("Location:index2.php");
37. }
38. } else {
39. header("Location:index.php?id=1");
40. }
41. ?>
42.  
43. Host=dominio.com
44. User-Agent=Mozilla/5.0 (Windows NT 10.0; WOW64; rv:49.0) Gecko/20100101 Firefox/49.0
45. Accept=text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
46. Accept-Language=pt-BR,pt;q=0.8,en-US;q=0.5,en;q=0.3
47. Accept-Encoding=gzip, deflate
48. Referer=http://dominio.com/admin/index.php?id=1
49. Cookie=PHPSESSID=1d5d5r8hlp6hnebv9pa115d8r
50. Connection=keep-alive
51. Upgrade-Insecure-Requests=1
52. Content-Type=application/x-www-form-urlencoded
53. Content-Length=59
54. POSTDATA=name=admin&passwd=admin&_2=Login&ed_type=&redirect=