login.php at Simple PHP Shopping cart - asaancart

<?php
session_start();
/*
asaancart - easy shopping cart solution
---------------------------------------

Copyright 2009 Nasir Ahmad Khan
Email: hide@address.com

This file is part of asaancart - open source easy shopping cart solution.

asaancart is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

asaancart is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with asaancart.  If not, see <http://www.gnu.org/licenses/>.

*/

include("../config/config.php");
if (session_id() == "") session_start(); 

$smarty->assign('msg', '');

if ($_POST['btnSubmit']=='btnSubmit')
{
	$sql = "SELECT * FROM auth_user_admin WHERE username='".$_POST['username']."' AND password='".md5($_POST['password'])."'";
	//echo $sql;
	
	//$sql = "SELECT * FROM auth_user_admin WHERE username='".$_POST['username']."' AND password='".$_POST['password']."'";
	
	//echo $sql;
	
	$results = mysql_query($sql);
	$num_row = mysql_num_rows($results);

	if($num_row==0){
		$smarty->assign('msg', 'Your username and password combination is incorrect, so please try again. Remember that the password field is case sensitive.');
	$smarty->display('admin_login.tpl');		
	}
	else{
		$_SESSION['username'] = $_POST['username'];
		header("location: index.php");
		exit();
	}

}else{
$smarty->display('admin_login.tpl');
}
?>