1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24
| <?php
if(isset($_POST["username"]) && isset($_POST["password"])){
$manager = preg_replace('#[^A-Za-z0-9]#i','', $_POST["username"]);
$password = preg_replace('#(^A-Za-z0-9]#i','', $_POST["password"]);
include "../storescripts/connect_to_mysql.php";
$sql=mysql_query("SELECT id FROM admin WHERE username='$manager' AND password='$password' LIMIT 1");
$existCount=mysql_num_rows($sql);
if($existCount==1){
while($row=mysql_fetch_array($sql)){
$id=$row["id"];
}
$_SESSION["id"]=$id;
$_SESSION["manager"]=$manager;
$_SESSION["password"]=$password;
header("location:index.php");
exit();
}else{
echo 'That information is incorrect, try again<a href="index.php">Click Here</a>';
exit();
}
}
?> |
Partager