####index####<?php require_once "../include/autoload.php"; get_templ

1. ####index####
2.  
3. <?php
4.  
5. require_once "../include/autoload.php";
6.  
7. get_template('head'); ?>
8.  
9. <?php $s = filter_input(INPUT_GET, 's', FILTER_SANITIZE_STRING); ?>
10. <?php $a = filter_input(INPUT_GET, 'action', FILTER_SANITIZE_STRING); ?>
11.  
12. <?php
13.  
14. // Start the session
15.  
16.  
17. // Defines username and password. Retrieve however you like,
18. $username = "admin";
19. $password = "admin";
20.  
21. // Error message
22. $error = "Error";
23.  
24. // Checks to see if the user is already logged in. If so, refirect to correct page.
25. if (isset($_SESSION['loggedIn']) && $_SESSION['loggedIn'] == true) {
26. $error = "success";
27. header('Location: success.php');
28. }
29.  
30. // Checks to see if the username and password have been entered.
31. // If so and are equal to the username and password defined above, log them in.
32. if (isset($_POST['username']) && isset($_POST['password'])) {
33. if ($_POST['username'] == $username && $_POST['password'] == $password) {
34. $_SESSION['loggedIn'] = true;
35. header('Location: success.php');
36. } else {
37. $_SESSION['loggedIn'] = false;
38. $error = "Invalid username and password!";
39. }
40. }
41. ?>
42.  
43. <div class="container">
44. <h1>Adminileht</h1>
45.  
46. <html>
47. <head>
48. <title>Login Page</title>
49. </head>
50.  
51. <body>
52. <!-- Output error message if any -->
53. <?php echo $error; ?>
54.  
55. <!-- form for login -->
56. <form method="post" action="index.php">
57. <label for="username">Username:</label><br/>
58. <input type="text" name="username" id="username"><br/>
59. <label for="password">Password:</label><br/>
60. <input type="password" name="password" id="password"><br/>
61. <input type="submit" value="Log In!">
62. </form>
63.  
64.  
65. </body>
66. </html>
67.  
68. </div>
69.  
70. <?php get_template('footer');
71.  
72. #####LOGIN#####
73.  
74. <?php
75. session_start();
76.  
77.  
78.  
79.  
80.  
81. if(isSet($_POST['login'])) {
82. include('db.php');
83.  
84. $username = mysql_real_escape_string($_POST['username']);
85. $password = sha1($_POST['password'] );
86.  
87. $query = mysql_query("SELECT * FROM tab WHERE username='".addSlashes($username)."' AND password='".addSlashes($password)."'");
88. $res = mysql_num_rows($query);
89.  
90. if ($res == 1) {
91. $_SESSION['username'] = $username;
92. $_SESSION['password'] = $password;
93. $_SESSION['userobj'] = mysql_fetch_assoc($query);
94.  
95. header('Location: http://localhost/member_area.php');
96. exit;
97. } else {
98. echo 'Data does not match <br /> RE-Enter Username and Password';
99. }
100. } else {
101.  
102. ?>
103. <html>
104. <head><link rel="stylesheet" type="text/css" href="css.css"></head>
105. <body>
106. <div id="div1">
107.  
108. <a href="index.php" id="home">Home</a>
109. <a href="Login.php" id="login2">Login</a>
110. <a href="register.php" id="register">Register</a>
111.  
112.  
113. </div>
114. <table width="200" border="0" cellspacing="1" align="center">
115. <form id="form1" method="post" action="login.php">
116. <tr>
117. <td colspan="2"><h2>Members login</h2></td>
118. </tr>
119. <tr>
120. <td>Username: </td>
121. <td>
122. <input type="text" name="username" id="username"/>
123. </td>
124. </tr>
125. <tr>
126. <td>Password: </td>
127. <td><input type="password" name="password" id="password"/> </td>
128. </tr>
129. <tr>
130. <td colspan="2" align="center">
131. <input type="submit" name="login" id="login" value="login" />
132. </td>
133. </tr>
134. </form>
135. </table>
136. </body>
137. </html>
138. <?php
139. }
140.  
141.  
142. ?>