01-29-2008, 06:58 PM
|
#6 (permalink)
|
|
The Prestige
Join Date: Sep 2007
Location: Sweden, Stockholm
Posts: 1,080
Thanks: 115
|
I tried to make the best out of it, and here's how I solved it:
PHP Code:
<?php
/**
* @author Tanax
* @copyright 2008
*/
include 'config.php';
if(@$_POST['submit'] == 'log') {
$query = mysql_query("SELECT * FROM `cms` WHERE `username` = '".$_POST['username']."' AND `password` = '".$_POST['password']."'");
if($query) {
$data = mysql_fetch_array($query);
if($data['rank'] == 'adminrank') {
$_SESSION['logged'] = true;
}
}
else {
echo 'Incorrect username or password';
}
if($_session['logged'] == true) {
echo 'Adminpanel open';
}
else {
echo 'Access denied';
}
}
else {
?>
<h2>Please log in:</h2>
<form method="post" action="<?php $_SERVER['phpself']; ?>">
Username: <input name="username" type="text" value="" /><br />
Password: <input name="password" type="password" value="" />
<input name="submit" type="submit" value="log" />
<?php
}
?>
I'm sure you can figure out, with enough time, what the different stuff do, as this is really nothing fancy or advanced.. 
NOTE: I wrapped this up in really no time at all, so security is none whatsoever. You might want to secure the $_POST variables.. and other aspects. |
|
|
|