PK

<?php 
	session_start();
	include "include/configure.php"; 
	if(isset($_POST['action']) && $_POST['action']!="login"){

		$_SESSION['login'] = "";
		$error = "";
		$sql = mysql_query("SELECT * FROM admin WHERE username='".$_POST['username']."'  AND pass='".md5($_POST['pasword'])."'");
		$numRows = mysql_num_rows($sql);
		if($numRows==1){

			$_SESSION['login'] = true;	
			header("location: index.php");
		}else{
			$error = "1";

		}

	}

?>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>
<?=$siteName;?> :: Admin Panel</title>
<link href="css/style.css" rel="stylesheet" type="text/css" />
</head>
<body OnLoad="document.loginform.username.focus();" class="loginContainer">
 
<div class="loginMain">
<form method="post" action="<?=$siteUrl; ?>login.php" name="loginform">
  <table width="100%" cellpadding="5" align="center" cellspacing="0" border="0">
	<tr>
		<th ><b>Login</b> to administrator</th>
	</tr>
    <tr>
      <td>
<?php
	if(isset($error) && $error=='1'){
		echo "<span class='errorMsg'>Oops.... Username or Password is wrong.</span>";
	}
?> 		</td>
    </tr>
    <tr>
      <td><div class="usrenameInput">
      	<div class="icon"></div>
        <input type="text" name="username" id="username" />
      </div></td>
    </tr>
    <tr>
      <td><div class="passInput">
      	<div class="icon"></div>
        <input type="password" name="pasword" id="pasword" />
      </div></td>
    </tr>
    <tr>
     	<td align="center"><input type="hidden" name="action" value="true" />
        <input type="submit" value="Sign In" class="smtButton" />
        <br/>
        <br/></td>
    </tr>
  </table>
</form>
</div>
</body>
</html>

PK 99