Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.
// Render the login template (this sends output to the browser)
$GLOBALS["smarty"]->display('login.tpl');
if ($GLOBALS["Get"]->val("submit") != "") {
    // Read the submitted credentials
    $admin = $GLOBALS["Get"]->val("admin");
    $password = $GLOBALS["Get"]->val("password");
    $p = md5($password);
    $db = new sqldb;
    // The submitted user name is interpolated directly into the SQL string
    $sql_query = "SELECT * FROM admin WHERE user='$admin' AND PASSWORD ='$p' LIMIT 1";
    $value = $db->result($sql_query);
    $sn = new session;
    if ($value['user'] && $value['password']) {
        // Mark the session as an admin session and redirect
        $sn->setSess('adminuser', 'yes');
        //echo $value['user'];
        header("Location: index.php?page=adminpage");
    }
}
The first row shown to us is an output. To be able to use headers after output, you need to start your script with ob_start(); and preferably end it with ob_end_flush();
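A hardened arrangement of the login flow discussed in this thread, as an added example that is not code from either poster: the credential check runs before any template output, the query uses a bound parameter, and the stored password is a password_hash() value rather than md5(). The helper names check_admin_login and handle_login, the use of PDO with an in-memory SQLite table, and reading the form from $_POST are assumptions; the sample row is constructed.

```php
<?php
declare(strict_types=1);

// Constructed sample data: an in-memory SQLite table standing in for the
// thread's `admin` table, holding a password_hash() value instead of md5().
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE admin (user TEXT PRIMARY KEY, password TEXT NOT NULL)');
$pdo->prepare('INSERT INTO admin (user, password) VALUES (?, ?)')
    ->execute(['alice', password_hash('constructed-sample-password', PASSWORD_DEFAULT)]);

// Hypothetical helper: true only when the user exists and the password matches.
function check_admin_login(PDO $pdo, string $user, string $password): bool
{
    // Bound parameter: the submitted name is never spliced into the SQL text.
    $stmt = $pdo->prepare('SELECT password FROM admin WHERE user = ? LIMIT 1');
    $stmt->execute([$user]);
    $hash = $stmt->fetchColumn();
    return is_string($hash) && password_verify($password, $hash);
}

// Hypothetical helper: decide the response before anything is written, so the
// Location header can still be sent without relying on output buffering.
function handle_login(PDO $pdo, array $input): array
{
    $user = $input['admin'] ?? '';
    $pass = $input['password'] ?? '';
    if (is_string($user) && is_string($pass) && $user !== ''
        && check_admin_login($pdo, $user, $pass)) {
        return ['redirect', 'index.php?page=adminpage'];
    }
    return ['render', 'login.tpl'];
}

[$action, $target] = handle_login($pdo, $_POST);
if ($action === 'redirect') {
    session_start();
    session_regenerate_id(true);   // issue a new session id after the privilege change
    $_SESSION['adminuser'] = 'yes';
    header('Location: ' . $target);
    exit;                          // stop so nothing runs after the redirect
}
// Only at this point would the template be displayed, e.g. $smarty->display($target);
echo "render: $target\n";
```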