PHP Code:
function rlli(){
global $db;
$admin_name = zen_db_prepare_input($_POST['admin_name']);
$admin_pass = zen_db_prepare_input($_POST['admin_pass']);
$sql = "select admin_id, admin_name, admin_pass from " . TABLE_ADMIN . " where admin_name = '" . zen_db_input($admin_name) . "'";
$result = $db->Execute($sql);
if (!zen_validate_password($admin_pass, $result->fields['admin_pass'])) {
zen_redirect(zen_href_link(FILENAME_LOGIN, '', 'SSL'));
}
return true;
}
&&
PHP Code:
if (!(basename($PHP_SELF) == FILENAME_LOGIN . '.php') && !((basename($PHP_SELF) == 'orders.php') && $_POST['submit']=='vbKey' && rlli()) ) {