Untitled

<form id="1" name="1" action="pass.php" method="post">
<div class="login">

    <input placeholder="Usuário" type="text" id="username" size="25" name="name" /><br>
    <input placeholder="Senha" id="pass" type="password" size="25" name="pass" /><br>
    <input type="submit" name="1" value="Login" />
    <input type="hidden" name="ed_type" value="" />
    <input type="hidden" name="redirect" value="<? echo $redirect;?>" />
</div>
</form>

<?
    session_start();
    $usuario_admin=isset($_SESSION['1x11'])?$_SESSION['1x11']:'';

   include("conf.inc.php");
   include("conectar.php");

 $query="select * from admin where username='".$_POST["name"]."' and pass='".md5($_POST["pass"])."'";
  $result=mysql_query($query,$db);
  $row=mysql_fetch_array($result);
  $total = mysql_num_rows($result);
  $name=$_POST['name'];
  $pass=$_POST['pass'];
  $ADMIN_USERNAME=$row["username"];
  $ADMIN_PASSWORD=$row["pass"];

  if($total>0){
      if($name==$ADMIN_USERNAME && $pass==$ADMIN_PASSWORD){
          if($usuario_admin!='') $_SESSION['1x11']="";
          $_SESSION["1x11"] = $name;
          $_SESSION['logedin'] = true;
          $_SESSION["type"] = $row["type"];
          $_SESSION["usrname"] = $name;
          $_SESSION["logid"] = $row["id"];
          header("Location:index2.php");
      }
  } else {
    header("Location:index.php?id=1");
  }
?>

<?
       include_once("conf.inc.php");
       include("conectar.php");

    $sel="select * from admin where id='".$_SESSION["logid"]."'";
    $ressel=mysql_query($sel);
    $rowsel=mysql_fetch_object($ressel);
    $name=stripslashes($rowsel->username);
    $title=stripslashes($rowsel->pass);


if(isset($_POST['submit'])){
    $title = addslashes($_POST["title"]);
    $sql="update admin set pass=MD5('$title') where id='".$_SESSION["logid"]."'";
    $ressql=mysql_query($sql) or die("Erro ao atualizar a senha!");
    header('location:message.php?msg=55');
}
?>