hello people . i am writing a login system for administers , so i made the login page with this code :
<?php
#####################################################
# created by : Awah Mohammed #
# date : 23/12/2010 at 23:15 pm #
# haha , i like writing such stuff in my websites #
# this file should not be edited , please edit the #
# inner files and folders . clear ?? #
#***************************************************#
#****************%%%%%%%%%%%%***********************#
// include the header files
include "../include/header.php";
include "../include/body.php";
include "../include/nav.php";
include "../include/logo.php";
// start the contents , it has nothing to be edited
include "../include/start.php";
// include the file which has the contents div , the place where the text is
?>
<div class="post">
<h2 class="title" title=""><a href="http://awah.biz" title="Awah Dot Biz">Sign up</a></h2>
<p class="meta"><span class="date"> </span><span class="posted">Posted by <a href="#">Awah Mohammed - the super-admin</a></span></p>
<div style="clear: both;"> </div>
<div class="entry">
<p>
<form action="signin_pro.php" method="post">
Username :<br />
<input type="text" name="username" /><br />
Password :<br />
<input type="password" name="password" /><br /><br />
<input type="submit" id="search-submit" value="Sign Up" /><br /><br />
</form>
</p>
</div>
</div>
<?php
include "../include/separater.php";
include "../include/side_bar.php";
include "../include/separater.php";
// this is just ending the uper part , it has nothing to be edited
include "../include/stop.php";
include "../include/footer.php";
?>
and the signin_pro.php is :
<?php
if(!isset($_REQUEST['username']))
{
?>
<a href="login.php">click here </a>
<?php
}
else
{
include_once "classes/class_lib.php";
$db = new db();
$db->connect();
$db->select();
$username = $_REQUEST['username'];
$pass = $_REQUEST['password'];
$pass = md5($pass);
$r = mysql_query("SELECT * FROM members WHERE username = '$username' AND password = '$pass'");
$n = mysql_num_rows($r);
if($n == 0)
{
echo "wrong username or password ";
?>
<a href="signin.php">please click here to try again</a>
<?php
}
else
{
while($rows = mysql_fetch_array($r))
{
$level = $rows['level'];
}
if($level = 1)
{
$Month = 2592000 + time();
//this adds 30 days to the current time
setcookie(admin, $fname, $Month);
header("location:sys.php");
}
else
{
echo "Welcome ".$fname."Sorry , but you are not an admin";
}
}
}
and the sys.php is :
<?php
if(!isset($_COOKIE['admin']) )
{
echo "<center> *** <a href='login.php'> please click here </a> ***</center>";
}
else if(isset($_COOKIE['admin']))
{
#####################################################
# created by : Awah Mohammed from sudan #
# date : 23/12/2010 at 23:15 pm #
# haha , i like writing such stuff in my websites #
# this file should not be edited , please edit the #
# inner files and folders . clear ?? #
#***************************************************#
#****************%%%%%%%%%%%%***********************#
// include the header files
include "../include/header.php";
include "../include/body.php";
include "../include/nav.php";
include "../include/logo.php";
// start the contents , it has nothing to be edited
include "../include/start.php";
// include the file which has the contents div , the place where the text is
?>
<div class="post">
<h2 class="title" title=""><a href="http://awah.biz" title="Awah Dot Biz">Welcome admin</a></h2>
<p class="meta"><span class="date"> </span><span class="posted">Posted by <a href="#">Awah Mohammed - the super-admin</a></span></p>
<div style="clear: both;"> </div>
<div class="entry">
<p>
please choose comething to do :<br />
<?php
include "syscon.php";
?>
</p>
</div>
</div>
<?php
include "../include/separater.php";
include "../include/side_bar.php";
include "../include/separater.php";
// this is just ending the uper part , it has nothing to be edited
include "../include/stop.php";
include "../include/footer.php";
}
?>
but when ever i run the code it goes fine upto the sys.php then in the sys.php it shows please click here and it takes me to the login page , please tell me what is wrong .