<?
/*========================================*\
| Exero CMS |
|==========================================|
| http://ecms.getox.net |
|https://sourceforge.net/projects/exerocms/|
|==========================================|
| Exero CMS is released under the |
| GNU General Public License (GPL) |
| opensource.org/licenses/gpl-license.php |
\*========================================*/
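include("global.php");

/*
 * Admin control panel sign-in.
 *
 * Two entry paths:
 *   - visitor is not logged in: perform a normal login, then require the
 *     admincp group flag;
 *   - visitor is already logged in and has the admincp flag: re-confirm the
 *     password before an admin session is opened.
 * On success a row in admin_sessions ties the user id to the current PHP
 * session id and the browser is sent to the requested page; every other
 * outcome goes to index.php.
 */

// Treat a missing or non-string field as empty so that array-valued POST
// parameters never reach login(), md5() or the SQL below.
$postedUser  = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
$postedPass  = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
$postedRedir = (isset($_POST['redir']) && is_string($_POST['redir'])) ? trim($_POST['redir']) : '';

// 'redir' is client-controlled. Only a site-local target is followed, so the
// admin login cannot be used to forward a freshly authenticated user to
// another host. Rejected: control characters and backslashes, any
// "scheme:" prefix, and protocol-relative "//host" targets.
// NOTE(review): if a legitimate form posts an absolute URL of this site,
// add an explicit same-host comparison here instead of loosening the check.
$redirect = 'index.php';
if ($postedRedir !== ''
    && !preg_match('/[\x00-\x1f\x7f\\\\]/', $postedRedir)
    && !preg_match('#^[a-z][a-z0-9+.\-]*:#i', $postedRedir)
    && strncmp($postedRedir, '//', 2) !== 0) {
    $redirect = $postedRedir;
}

$authorised = false;

if (!LOGGEDIN) {
    if ($user->login($postedUser, $postedPass)) {
        // check() runs before groupinfo is read, as in the original flow;
        // presumably it loads the group record - confirm in global.php.
        $user->check();
        $authorised = (bool) $user->groupinfo['admincp'];
    }
} else if ($user->groupinfo['admincp']) {
    // Password re-confirmation. The lookup is bound to the uid of the
    // session owner: without that condition the credentials of any account
    // in the users table would satisfy the check.
    // NOTE(review): passwords are compared as unsalted MD5 because that is
    // the stored format this query relies on. Moving to password_hash() /
    // password_verify() needs a schema and login() change outside this file.
    $matches = $db->num_rows($db->query(
        "SELECT uid FROM users WHERE uid='".$db->real_escape_string($user->userinfo['uid'])."'"
        ." AND username='".$db->real_escape_string($postedUser)."'"
        ." AND password='".md5($postedPass)."' LIMIT 1"
    ));
    $authorised = ($matches == 1);
}

$target = 'index.php';
if ($authorised) {
    // Every value placed into the statements is escaped, including the
    // session id, which originates from the client's cookie.
    // NOTE(review): no session id rotation is visible in this file; confirm
    // that login() regenerates the id before an admin session is bound to it.
    $uid = $db->real_escape_string($user->userinfo['uid']);
    $sid = $db->real_escape_string(session_id());

    // One admin session per user: drop any previous row, then record this one.
    $db->query("DELETE FROM admin_sessions WHERE userid='".$uid."'");
    $db->query("INSERT INTO admin_sessions VALUES('".$uid."','".$sid."','".time()."')");
    $target = $redirect;
}

header("Location: ".$target);
// Stop here so nothing else can run or be emitted after the redirect.
exit;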
?>