PHP-Code:

<?php
    
if (strpos ($_GET['content'], '/logout/') !== false) {
        
session_start();
        unset(
$_SESSION['admin']);
        
header("Location: ".$_SERVER['PHP_SELF']);
    }
    if (isset (
$_GET['content']) && !empty ($_GET['content'])) {
        if (
strpos ($_GET['content'], '../') !== false) die ('Zugriffsverletzung !');
        if (
$_GET['content'] {0} != '/'$_GET['content'] = '/' $_GET['content'];
    }



    if (!isset(
$_GET['content']) || empty ($_GET['content'])) $_GET['content'] = '/startseite';
    if (!
file_exists('content' $_GET['content'] . '.php')) $_GET['content'] = '/error/keine_seite';

    require (
'../lib/config.inc.php');
    require (
'../lib/functions.lib.php');
    
db_connect ();
    
session_start();
    require (
'lib/layout.lib.php');
    require ( 
'../lib/extras.lib.php' );


    
$shows 0;
    if (!isset(
$_GET['content'])) $_GET['content'] = '/startseite';
    if (!
file_exists('content'.$_GET['content'].'.php')) $_GET['content'] = '/error/keine_seite';
    if(
$_POST['check'] == "Login") {
        require_once (
'../lib/config.inc.php');
        require_once (
'../lib/functions.lib.php');
        
db_connect();
        
$page mysql_fetch_array(db_query("SELECT admin_name, admin_pass FROM ".$db_prefix."_seitenkonfig LIMIT 1"));
        if(
$_POST['loginname'] == $page['admin_name'] AND $_POST['passwort'] == $page['admin_pass']) {
            
$_SESSION['admin'] = 1;
            
header("Location: ".$_SERVER['PHP_SELF']."?".$_SERVER['QUERY_STRING']);
        }
    }

?>

<!DOCTYPE html>
<html lang='de'>
    <head>
        <title>..:: Adminforce ::..</title>
        <meta charset="UTF-8">
        <meta name="generator" content="vms-script">
        <meta name="Author" content="Designerscripte.net">
        <meta name="Publisher" content="Designerscripte.net">
        <meta name="Keywords" content="vms,paid4,loginscript">
        <meta name="Description" content="Verdien was Du willst">
        <meta name="Robots" content="INDEX,FOLLOW">
        <link rel="stylesheet" href="../css/main.css" type="text/css">
    </head>

    <body>
    <noscript><div style="font: 10pt Arial; color: #ff0000; text-align: center;">Um <b>alle Funktionen des Adminforce</b> nutzen zu k&ouml;nnen, bitte <b>JavaScript aktivieren</b>!</div></noscript>
    <div id="wrapper">
        <header id="header_1">
            <div id="topbar">
                <div id="topbar_left">
                    <ul>
                        <li><a href="?content=/startseite">Startseite</a></li>
                        <?php if($_SESSION['admin'] == 1){?>
                            <li><a href="?content=/bilanzsystem">Bilanz</a></li>
                            <li><a href="?content=/usersystem/liste">Userliste</a></li>
                        <?php ?>
                    </ul>
                </div>
                <div id="topbar_right">
                    <ul>
                        <li><a href="<?php echo $domain?>">Userseite</a></li>

                    <?php if($_SESSION['admin'] != 1){?>
                    <li>
                        <form  method="post">
                            <input type="Text" class ="topbar_input" name="loginname" value="<?php echo $_POST['nickname'];?>" placeholder="Username">
                            <input type="Password" class ="topbar_input" name="passwort" value="" placeholder="Passwort">
                            <button type="submit" name="check" value="Login">Login</button>
                        </form>
                   </li>
                    <?php }else{ ?>
                        <li><a href="?content=/logout/">Logout</a></li>
                    <?php ?>
                    </ul>
                </div>
            </div>
        </header>

        <br style="clear:both; font-size:0px;">
        <div id="content">
            <div id="left">
                <?php if($_SESSION['admin'] == 1) require_once('lib/menue_links.php');?>
            </div>
            <div id="middle">
                <?php if($_SESSION['admin'] == 1) require_once('content'.$_GET['content'].'.php'); ?>
            </div>
        </div>
    </div>
</body>
</html>
    <?php db_close (); ?>