<?php//Start by including the config file and checking if the admin is logged i

1. <?php
2. //Start by including the config file and checking if the admin is logged in.
3. require_once('../includes/db_connect.php');
4.  
5. //if not logged in redirect to login page
6. if(!$user->is_logged_in()){ header('Location: login.php'); }
7. ?>
8.  
9. <!--Here is the HTML for the login form-->
10. <form action="" method="post">
11. <p><label>Username</label><input type="text" name="username" value="" /></p>
12. <p><label>Password</label><input type="password" name="password" value="" /></p>
13. <p><label></label><input type="submit" name="submit" value="Login" /></p>
14. </form>
15. <?php
16.  
17. //process the login form if submitted correctly
18. if(isset($_POST['submit'])){
19.  
20. $username = trim($_POST['username']);
21. $password = trim($_POST['password']);
22.  
23. if($user->login($username,$password)){
24.  
25. //logged in return to index page
26. header('Location: index.php');
27. exit;
28.  
29. } else {
30. $message = '<p class="error">Wrong username or password</p>';
31. }
32.  
33. }//end if submit
34.  
35. if(isset($message)){ echo $message; }
36. ?>