<!DOCTYPE HTML>
<html>
<head>
<link type="text/css" rel="stylesheet" href="login.css"/>
</head>
<body>
<div id="form_div">
<form action="" method="post">
<div id="form_input"><span>login: </span><input type="text" name="login_name"/></div>
<div id="form_input"><span>password: </span><input type="password" name="password"/></div>
<div id="submit_div"><div><input type="submit" value="submit" name="submit_form" class="button"/></div></div>
</form>
<?php
if (isset($_POST['submit_form'])){
include_once "php/mysql_connect.php";
$login = $_POST["login_name"];
$pass = $_POST["password"];
$login = stripslashes($login);
$login = mysql_real_escape_string($login);
$pass = md5($pass);
$sql = "SELECT * FROM `login` WHERE login = $login and password = $pass";
$result = mysql_query($sql);
$count = mysql_num_rows($result);
if ($count == 1){
session_start();
$_SESSION['username'] = $login;
$_SESSION['logged'] = TRUE;
header("Location: admin.php");
}
else {
echo "<div id='wrong'>Wrong username or password<div>";
}
}
?>
</div>
</body>
</html>