<?php 

include ('../config.php');
session_start();

if (isset($_POST['userid']) && isset($_POST['password'])) {
	// if the user has just tried to log in 
	$username = $_POST['userid']; 
	$password = $_POST['password'];
	
	$query = 'select * from admins ' 
			 ."where username ='$username' "
			 ." and password = md5('$password')";
				 
	$result = mysql_query($query,$connection) or die(mysql_error());
		
	if (mysql_num_rows($result)) {
		// if they are in the database register the user id 
		$_SESSION['validadmin'] = $username;
	}
	 
} 

if (isset($_SESSION['validadmin'])) {
	 if ($_POST['remember']) { // Set cookie if user checked remember me
	 	setcookie("cookadminname", $username, time()+60*60*24*100, "/");
    	setcookie("cookadminpass", md5($password), time()+60*60*24*100, "/");
    }
    
	header ("Location: index.php"); 
} 

$metatitle = "Login - Admin Control Panel";
include ('includes/document_head.php');

	if (isset($userid)) {
	// if they've tried and failed to log in 
	$errormessage = '<center><p><b>Incorrect Login Details!</b></p></center>';
	} 

?>					

		<form method="post" action="login.php" id="login_box" class="round_all clearfix">
			<center><h2 style="font-weight: bold; padding: 15px 0 0 0; margin: 0; line-height: 1.2em;"><?php echo $sitetitle; ?> - Admin</h2></center>
			<?php echo $errormessage; ?>
			<label class="fields"><strong>Username</strong><input name="userid" type="text" id="userid" class="indent round_all"></label>

			<label class="fields"><strong>Password</strong><input name="password" type="password" id="password" class="indent round_all"></label>
			<button class="button_colour round_all" onClick="location.href='index.php'"><img width="24" height="24" alt="Locked 2" src="images/icons/small/white/Locked%202.png"><span>Login</span></button>
			<div id="bar" class="round_bottom">
				<label><input type="checkbox" name="remember">Auto-login in future.</label>
				<a href="forgot.php">Forgot your password?</a>
			</div>		
			
		</form>
<?php include 'includes/closing_items.php'?>