- <?php
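// Resume (or create) the session that carries the admin login flag.
session_start();
// NOTE(review): database.php presumably creates the $db handle that
// admin_db.php's functions read via `global $db` - confirm against those files.
require('../model/database.php');
require('../model/admin_db.php');

// Resolve the requested action: a POST field wins over a query-string
// parameter, and a request that carries neither gets the empty string.
$action = filter_input(INPUT_POST, 'action');
if ($action === null) {
    $action = filter_input(INPUT_GET, 'action');
}
if ($action === null) {
    $action = '';
}

// Authorisation gate, fail closed. Only the exact boolean true written by a
// successful login counts as authenticated; a missing key or any other value
// (false, 0, a string) sends the request to the login handler. A bare isset()
// would accept every non-null value.
if (!isset($_SESSION['is_valid_admin']) || $_SESSION['is_valid_admin'] !== true) {
    $action = 'get_admin';
}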
- switch($action){
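case 'get_admin':
    // Login handler: validates the posted credentials and renders either the
    // admin menu or the login form.
    $username = filter_input(INPUT_POST, 'username');
    $password = filter_input(INPUT_POST, 'password');

    // The submitted credentials are deliberately never written to the
    // response: they are raw request data (an HTML-injection sink when output
    // unescaped) and a password must not appear in page output, caches or logs.

    // Validate once; each call costs a database round trip.
    if (is_valid_admin_login($username, $password)) {
        // Issue a fresh session ID before elevating privileges so that an ID
        // known before authentication (session fixation) does not become an
        // authenticated one.
        session_regenerate_id(true);
        $_SESSION['is_valid_admin'] = true;
        include ('admin_menu.php');
    } else {
        // NOTE(review): $login_message is presumably displayed by
        // adminlogin.php - confirm against that template.
        $login_message = 'you must login to view this page.';
        include ('adminlogin.php');
    }
    // Exactly one view is rendered per request; the login form is not
    // included again after the branch above.
    break;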
- <?php
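/**
 * Check a username/password pair against the administrators table.
 *
 * The stored credential is compared with sha1($username . $password), so the
 * digest computed here has to stay in that form for existing rows to match.
 *
 * NOTE(security): SHA-1 is a fast general-purpose hash and is not suitable for
 * password storage; leaked digests can be brute-forced cheaply. Migrating to
 * password_hash() / password_verify() (re-hashing on the next successful
 * login via password_needs_rehash()) requires changing the stored values and
 * is therefore not done silently in this function.
 *
 * @param mixed $username Submitted username; callers pass filter_input()
 *                        results, which are null when the field is absent.
 * @param mixed $password Submitted clear-text password, same caveat.
 * @return bool True only when exactly one administrator row matches.
 */
function is_valid_admin_login($username, $password) {
    global $db;

    // Missing, malformed or empty credentials can never authenticate; reject
    // them before hashing or touching the database. Unauthenticated requests
    // are routed here even when they carry no login fields at all.
    if (!is_string($username) || !is_string($password)
        || $username === '' || $password === '') {
        return false;
    }

    $digest = sha1($username . $password);
    $query = 'SELECT username FROM administrators
              WHERE username = :username
              AND password = :password';
    // Bound parameters keep the submitted values out of the SQL text.
    $statement = $db->prepare($query);
    $statement->bindValue(':username', $username);
    $statement->bindValue(':password', $digest);
    $statement->execute();
    // Count the fetched rows instead of calling rowCount(): PDO does not
    // guarantee rowCount() for SELECT statements on every driver.
    $rows = $statement->fetchAll();
    $statement->closeCursor();
    return is_array($rows) && count($rows) === 1;
}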
- ?>