<?php if(!defined('system')) exit;

    if($_POST['action']=='login') {
        $admin=mysqli_fetch_assoc(mysqli_query($db, "SELECT * FROM admins WHERE admEmail='$_POST[email]'"));        
        if(sha1($admin['admPassword'].$_SESSION['admin_seed'])==$_POST['hash']) {
            $_SESSION['admin']=$admin;            
        }
               
    }

    if(!$_SESSION['admin']) {
        $_SESSION['admin_seed']=dechex(rand(16,255)).dechex(rand(16,255)).dechex(rand(16,255)).dechex(rand(16,255));
        require_once('_backend/templates/login.php');
        exit;
    }
    
?>