<?PHP
//set up session based on login
session_start();
header("Cache-control: private");
$_SESSION=array();
?>
<?PHP
//this is the page header
echo"
<link rel=\"stylesheet\" type=\"text/css\" href=\"../stylesheet.css\">
<table width=\"100%\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\">
<tr>
<td height=\"80\" valign=\"top\" <img src=\"../images/admin_logo.jpg\" width=\"291\" height=\"36\" border=\"0\">
</td></tr><td height=\"500\" valign=\"top\">
";
if (isset($_POST['submit']))
{
//CONNECT TO DATABASE
$conn = mysql_connect("localhost", "root", "pass") OR DIE (mysql_error());
mysql_select_db ("wwdbank", $conn) OR DIE (mysql_error());
//LOGIN -processed once user_name has been submitted
if (isset($_POST['user_name']))
{
$user_name = ($_POST['user_name']);
$pass = ($_POST['pass']);
$query = "SELECT * from parent WHERE user_name='$user_name' AND pass='$pass'";
$result = mysql_query($query)OR DIE (mysql_error());
$number=mysql_num_rows($result);
if ($number == 0)
{
echo "You did not provide the correct login details. Please try again.";
Include_once ('login_form.php');
}
else
{
$row=mysql_fetch_array($result);
$parent_id = $row ['parent_id'];
$parent_name = $row ['firstname'];
$_SESSION['id'] = $parent_id;
$_SESSION['name'] = $parent_name;
$_SESSION['user_name'] = $user_name;
$_SESSION['pass'] = $pass;
Include_once ('admin.php');
}
}
}
else
{
//IF NO SUBMIT SHOW LOGIN
Include_once ('login_form.php');
}
echo"
</td>
</tr>
<tr>
<td><div align=\"center\">
<p>©2005 wwd</p>
</div></td>
</tr>
</table>
";
?>