<?php require_once('......'); ?>

<?php

//initialisation de la session

session_start();

// Logout

$logoutAction = $_SERVER['PHP_SELF']."?doLogout=true";

if ((isset($_SERVER['QUERY_STRING'])) && ($_SERVER['QUERY_STRING'] != "")){

  $logoutAction .="&". htmlentities($_SERVER['QUERY_STRING']);

}



if ((isset($_GET['doLogout'])) &&($_GET['doLogout']=="true")){

  session_unregister('MM_Username');

  session_unregister('MM_UserGroup');

	

  $logoutGoTo = "/admin/logout.php";

  if ($logoutGoTo) {

    header("Location: $logoutGoTo");

    exit;

  }

}

?>

<?php

// Validation login

session_start();

$loginFormAction = $_SERVER['PHP_SELF'];

if (isset($accesscheck)) {

  $GLOBALS['PrevUrl'] = $accesscheck;

  session_register('PrevUrl');

}



if (isset($_POST['username'])) {

  $loginUsername=$_POST['username'];

  $password=$_POST['password'];

  $MM_fldUserAuthorization = "level_usr";

  $MM_redirectLoginSuccess = "index.php";

  $MM_redirectLoginFailed = "login.php";

  $MM_redirecttoReferrer = true;

  mysql_select_db($database_BB, $BB);

  	

  $LoginRS__query=sprintf("SELECT username_usr, password_usr, level_usr FROM blg_user_usr WHERE username_usr='%s' AND password_usr='%s'",

  get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password : addslashes($password)); 

   

  $LoginRS = mysql_query($LoginRS__query, $connBlog) or die(mysql_error());

  $loginFoundUser = mysql_num_rows($LoginRS);

  if ($loginFoundUser) {

    

    $loginStrGroup  = mysql_result($LoginRS,0,'level_usr');

    

    $GLOBALS['MM_Username'] = $loginUsername;

    $GLOBALS['MM_UserGroup'] = $loginStrGroup;	      



    session_register("MM_Username");

    session_register("MM_UserGroup");



    if (isset($_SESSION['PrevUrl']) && true) {

      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];	

    }

header("Location: " . $MM_redirectLoginSuccess );

  }

  else {

header("Location: ". $MM_redirectLoginFailed );

  }

}

?>