session_start(); if(!empty($_SERVER["QUERY_STRING"])){ $querys = split("\.",$_SERVER["QUERY_STRING"]); $content = $querys[0]; if($content=="logout"){ session_destroy(); header("Location: ./"); } } if($_SESSION["userid"]>0){ if(!is_file("contents/$content.php")){ $content = "adminhome"; } } if(empty($_SERVER["QUERY_STRING"]) && $_SESSION["userid"]<=0){ if(!is_file("contents/$content.php")){ $content = "login"; } } include("../includes/dbConnect.php"); if(!empty($_POST["login"])){ $sql = "SELECT * FROM `userlogin` WHERE `login`='".$_POST["username"]."' AND `userpass`='".$_POST["userpass"]."' LIMIT 1"; $res = mysql_query($sql); while($user=mysql_fetch_array($res)){ $_SESSION["userid"]=$user[0]; $content = "adminhome"; } } ?>