I have an admin page that will require a username/ password to login. I have the login script but what I want to do is have the page with the login requirement before anything else shows on the page. So for example, if you go to the admin page now(there is no login requirement now) you will see ways to search the database for members. I don't want the general public to have access to this. So how can I set the page up so that when you first hitthe page you'll see a login and then after logging in the other info will show?
Here's the code I have now:
[case 'login':
// username and password sent from form
$username=$_POST['username'];
$password=$_POST['password'];
// To protect MySQL injection (more detail about MySQL injection)
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
$sql="SELECT * FROM users WHERE username='$username' and password='$password'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $username and $password, table row must be 1 row
if($count==1){
// create session
session_register("username");
session_register("password");
header("location: cluster11.php?action=edithomework&edit=edit&cluster11id=1");
}
else {
echo "Wrong Username or Password";
}
echo '<form name="Login" action="'.$_SERVER['PHP_SELF'].'?action=login" method="post">
<table width="280" align="center" border="0" cellpadding="0" cellspacing="5">
<tr>
<td colspan="2" align="center">'.$error_msg.'</td>
</tr>
<tr>
<td colspan="2" align="right"> </td>
</tr>
<tr>
<td width="40%" align="right">Username:</td>
<td width="60%"><input name="username" type="text" /></td>
</tr>
<tr>
<td align="right">Password:</td>
<td><input name="password" type="password" /></td>
</tr>
<tr>
<td> </td>
<td><input type="submit" name="submit" value="Submit" /></tr>
</table>
</form>';
break;/CODE]
