<?php
$fout=''; $login='';
if (isset($_POST['username'])){
$query = "SELECT * FROM humo_users WHERE user_name='" . veilig($_POST["username"]) ."' AND user_password='".MD5(veilig($_POST["paswoord"]))."'";
$result = mysql_query($query) or die("FOUT : " . mysql_error());
if (mysql_num_rows($result) > 0){
@$resultDb=mysql_fetch_object($result);
$_SESSION['gebruikersnaam_admin'] = veilig($_POST["username"]);
$_SESSION['gebruikersid_admin'] = $resultDb->user_id;
$_SESSION['groeps_id_admin'] = $resultDb->user_group_id;
//Logboek vullen!
if(function_exists('date_default_timezone_set')){
date_default_timezone_set('Europe/Amsterdam');
}
$datum=date("Y-m-d H:i");
$sql="INSERT INTO humo_user_log SET log_date='$datum', log_username='".veilig($_POST["username"])."'";
mysql_query($sql, $db) or die(mysql_error());
// Doorsturen naar beveiligde pagina
//header("Location: index.php");
//exit();
$login='OK';
}
else{
// geen gebruiker gevonden, of ongeldig wachtwoord.
$fout='<P align=center><FONT COLOR="red">'.$language["login_fault"].'</FONT>';
}
// mysql_close($db);
}
if ($cms['cms_name']=='Joomla'){
$path_tmp='index.php?option=com_humo-gen&task=admin';
}
else{
$path_tmp=$_SERVER['PHP_SELF'];
}
if ($login=='OK'){
print '<p><p><form name="form1" method="post" action="'.$path_tmp.'">';
print '<input type="submit" name="Submit" value="'.$language["login_admin"].'">';
print '</form>';
}
else{
print '<h2 align=center>'.$language["login_head"].'</h2>';
echo $fout;
print '<form name="form1" method="post" action="'.$path_tmp.'">';
print '<table class="humo" border="1" cellspacing="0" align="center">';
print '<tr><td>'.$language["login_username"].'</td><td><input name="username" type="text" size="10" maxlength="10"></td></tr>';
print '<tr><td>'.$language["login_password"].'</td><td><input name="paswoord" type="password" size="10" maxlength="10"></td></tr>';
print '<tr><td><br></td><td><input type="submit" name="Submit" value="'.$language["login_login"].'"></td></tr>';
print '</table>';
print '</form>';
}
?>