0){ // header('Location: index.php'); // exit; unset($_SESSION['session_admin_email']); } if($_SESSION['session_admin_fail'] > 4){ $deny = '# ' . date("D M j G:i:s T Y") . "\n"; $deny .= 'Deny from ' . $_SERVER['HTTP_CF_CONNECTING_IP'] . "\n\n"; fwrite(fopen('.htaccess', 'a'),$deny); print "

You've been blocked from further access to this site.

"; exit; } if($_POST){ $email = $mysqli->real_escape_string($_POST['email']); $password = $_POST['password']; $table = "admin_users"; $stmt = $mysqli->prepare("SELECT * FROM $table WHERE email = ?"); $stmt->bind_param("s", $email); $stmt->execute(); $result = $stmt->get_result(); $num_rows = $result->num_rows; if($num_rows == 1){ $row = $result->fetch_assoc(); if(verify_password($password, $row, $blowfish)){ if($row['password_migrated'] == 0){ migrate_password($password, $row['rec_num'], $table, $mysqli); } $_SESSION['session_admin_email'] = $email; $_SESSION['session_admin_num'] = $row['rec_num']; $Query = "UPDATE $table SET ip = '$ip' WHERE rec_num = '".$row["rec_num"]."'"; mysqli_query($mysqli,$Query) or die('Could not select: '.$Query.'
' .$mysqli->error); $stmt->close(); header('Location: index.php'); exit; } } $stmt->close(); $error = "Email and password combination not found in our database."; unset($_SESSION['session_admin_email']); unset($_SESSION['session_admin_num']); unset($_SESSION['session_admin_pass']); if(isset($_SESSION['session_admin_fail'])) $_SESSION['session_admin_fail']++; else $_SESSION['session_admin_fail'] = 1; } ?> Admin Login Magicangel.net">

Admin Login

0) echo "Failed Attempts: ".$_SESSION['session_admin_fail']."
" ; if(strlen($error) > 0) echo "$error

"; ?>