<?php
session_start();

$db_servername = 'localhost';
$db_login = '';
$db_password = '';
$db_name = '';
$password_acp='';

mysql_connect("$db_servername","$db_login","$db_password");
mysql_select_db("$db_name");

if (isset($_GET['wyloguj'])==1) 
{
	$_SESSION['zalogowany_admin'] = false;
	session_destroy();
}

function filter($variable)
{
    if(get_magic_quotes_gpc())
        $variable = stripslashes($variable);

    return mysql_real_escape_string(htmlspecialchars(trim($variable))); 
}

if (isset($_POST['loguj'])) 
{
	$password = filtruj($_POST['password']);
	
	if ($password==$password_acp) 
	{
		$_SESSION['zalogowany_admin'] = true;
	}
	else { 
		echo "Złe dane";
	}
}

if ($_SESSION['zalogowany_admin']==true)
{
	echo '<CENTER><font size="8">ADMIN CONTROL PANEL</font></center>';
	echo "Zalogowano jako <b>admin</b> "; 
	echo '<a href="?wyloguj=1">[Wyloguj]</a>';

  	//lista
}

if ($_SESSION['zalogowany_admin']==false): ?>

<form method="POST" action="index.php">
<b>Hasło:</b> <input type="password" name="password"><br>
<input type="submit" value="Zaloguj" name="loguj">
</form>

<?php endif; 
@mysql_close(); ?>
<title>ACP</title>