1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:
25:
26:
27:
28:
29:
30:
31:
32:
33:
34:
35:
36:
37:
38:
39:
40:
41:
42:
43:
44:
45: | <?php
session_start();
if($_SESSION["authenticated"] == 1) {
$db = mysql_connect($db_server,$db_benutzer,$db_pwd);
mysql_select_db($db_name);
$query = "SELECT * FROM TABLE g_benutzer WHERE Username = '".$_POST["username"]."' && Password = '".$_POST["password"]."'";
$result = mysql_query($query);
echo mysql_errno().': '.mysql_error()."<br />\n";
$row = mysql_fetch_assoc($result);
echo mysql_errno().': '.mysql_error()."<br />\n";
if($row["id"]){
$_SESSION["authenticated"] = 2;
}
else {
echo "Username or Password incorrect";
}
}
if($_SESSION["authenticated"] == 0) {
echo "Session doesn’t exist. Maybe has expired";
}
if($_SESSION["authenticated"] == 2) {
header("Location:admin.php");
}
?> |