$value) { $$key = $value; } session_start(); if($_SESSION["username"]) header("location: browse.html"); if($pageAction=="login") { $sql = "SELECT * FROM auth_user WHERE username='".sql_quote($login_username)."'"; $result = mysql_query($sql); while($row=mysql_fetch_array($result)) { $found_username = $row["username"]; $found_password = $row["password"]; } $split = explode("$",$found_password); $salt = $split[1]; $result_password = "sha1$".$salt."$".sha1($salt.$login_password); if($found_username && $result_password == $found_password) { $_SESSION["username"] = $found_username; header("Location: browse.html"); } else $msg = "
Incorrect username or password
"; } include("includes/header.html"); ?>

File Manager

Username:
Password: