Untitled

<? include("header.php");

  if($_SESSION["signed"] == 1)
  {
    header("Location: overview.admin.php");
  }

  if(isset($_POST['login']))
    {
      $username = $_POST['user'];
      $password = md5($_POST['pass']);

      $select = mysql_query("SELECT * FROM user WHERE name = '$username' LIMIT 1");
      $row = mysql_fetch_object($select);

      if($username != "" && $password != "" && $row->password == $password && $row->name == $username)
          {
          $_SESSION["user"] = $username;
          $_SESSION["per"] = $row->permission;
          $_SESSION["signed"] = 1;
          echo '<div id="logfeld">';
          echo 'Der Login war erfolgreich.<br><a href="overview.admin.php">>> UserCenter <<</a>';
          echo '</div>';
          }
        else
          {
          echo '<div id="logfeld">';
          echo 'Der Login war nicht erfolgreich.';
          echo '</div>';
          }

    }
  else
    {
      echo '<div id="logfeld">';
      echo '  <p>UserCenter</p>';
      echo '    <form action="" method="post">';
      echo '      <table>';
      echo '        <tr>';
      echo '          <td>Username: </td>';
      echo '          <td><input type="text" maxlength="30" name="user" id="field"></td>';
      echo '        </tr>';
      echo '        <tr>';
      echo '          <td>Passwort: </td>';
      echo '          <td><input type="password" maxlength="30" name="pass" id="field"></td>';
      echo '        </tr>';
      echo '        <tr>';
      echo '          <td></td>';
      echo '          <td style="text-align:center;"><input type="submit" value="Login" name="login" id="btn"></td>';
      echo '        </tr>';
      echo '       </table>';
      echo '    </form>';
      echo '</div>';
    }

   include("footer.php"); ?>