Code:
<?php
session_start();
?>
<html>
<head>
</head>
<body>
<?php
if(!isset($username) || !isset($password)) {
include('includes/login.php');
exit();
}
session_register("username");
session_register("password");
$conn = mysql_connect('localhost', 'xxx, 'xxx');
if(!$conn) {
session_unset();
session_destroy();
echo 'Unable to connect to db';
include('includes/login.php');
exit();
}
mysql_select_db('xxx');
$sql = mysql_query('SELECT user_table WHERE username =="' . strip_tags(mysql_real_escape_string('$username')).'"') or die('Couldnt find table');
$fetch = mysql_fetch_array($sql);
$numrows = mysql_num_rows($sql);
if($numrows != "0" && ($password == $fetch["password"])) {
$valid_user = 1;
}
else
{
$valid_user = 0;
}
if(!($valid_user)) {
session_unset();
session_destroy();
include('includes/login.php');
exit();
}
else {
include('includes/content.php');
}
?>
</body>
</html>
That's the index.php for admin stuff, it's not working yet as it's saying it can't connect to the database, just checking through it now. Thoughts?