<? $pass=htmlspecialchars(mysql_real_escape_string(trim($_POST['pass']))); $login=htmlspecialchars(mysql_real_escape_string(trim($_POST['login']))); if($pass==ADM_PASS && $login==ADM_LOGIN){ $_SESSION['adm']="1"; header("Location: index.php"); } echo '<form method="POST" action="?"> Лoгин:<br> <input type="text" name="login"><br> Пороль:<br> <input type="password" name="pass"><br> <input type="submit" value="Войти"> </form>'; ?>