login.php (696B)
1 <?php 2 3 require( 'header.php' ); 4 5 //if ( !OK ) die(':-O'); 6 7 if ( HTTP_POST ) 8 { 9 $stmt = $db->prepare("SELECT username FROM user WHERE password=MD5(?)"); 10 $stmt->bind_param('s',$_POST['password'] ); 11 $stmt->execute(); 12 $stmt->bind_result($username); 13 if ( $stmt->fetch() || $_POST['password']==$config['security']['master_password'] ) 14 { 15 $_SESSION['user'] = $username; 16 require('domain.php'); 17 exit(); 18 } 19 else 20 { 21 ?><div class="error message">Login failed</div><?php 22 } 23 } 24 25 ?> 26 <form method="post"> 27 <input type="text" name="username" value="<?php echo @$_REQUEST['username'] ?>" /> 28 <input type="password" name="password" /> 29 <input type="submit"> 30 </form>