How to determine the entered admin on PHP?

Good friday time day. 8 -)

There is the code of the simplest entry for admin to the site in the admin:

if (!isset($_SERVER['PHP_AUTH_USER'])) {
    Header ("WWW-Authenticate: Basic realm=\"Admin Page\"");
Header ("HTTP/1.0 401 Unauthorized"); exit();
}
else {
    if (!get_magic_quotes_gpc()) {
    $_SERVER['PHP_AUTH_USER'] = mysql_escape_string($_SERVER['PHP_AUTH_USER']);
    $_SERVER['PHP_AUTH_PW'] = mysql_escape_string($_SERVER['PHP_AUTH_PW']);
}
$query = "SELECT a23 FROM admin WHERE a22='".$_SERVER['PHP_AUTH_USER']."'";
$lst = @mysql_query($query);
    if (!$lst) {
    Header ("WWW-Authenticate: Basic realm=\"Admin Page\"");
    Header ("HTTP/1.0 401 Unauthorized"); exit();
}
    if (mysql_num_rows($lst) == 0) {
    Header ("WWW-Authenticate: Basic realm=\"Admin Page\"");
    Header ("HTTP/1.0 401 Unauthorized"); exit(); 
}
$a23 = @mysql_fetch_array($lst);
    if ($_SERVER['PHP_AUTH_PW']!= $a23['a23']) {
    Header ("WWW-Authenticate: Basic realm=\"Admin Page\"");
    Header ("HTTP/1.0 401 Unauthorized"); exit();
    }
}

to curl and lie will not be honestly, it is honest out of some training aids and redone under its own way. Admin – Adminov Table, A22 – Login, A23 – Password.


The question is as follows: how to determine when entering the admin entrance, who exactly entered? Suppose, each entry is “Code”. This “code” hunting to equate to some $ admin.


Answer 1, Authority 100%

If correctly understood it. Although the code you have scary.

<?php
if (!isset($_SERVER['PHP_AUTH_USER']))
{
    Header ("WWW-Authenticate: Basic realm=\"Admin Page\""); Header ("HTTP/1.0 401 Unauthorized"); exit();
}else{
    if (!get_magic_quotes_gpc())
    {
        $_SERVER['PHP_AUTH_USER'] = mysql_escape_string($_SERVER['PHP_AUTH_USER']);
        $_SERVER['PHP_AUTH_PW'] = mysql_escape_string($_SERVER['PHP_AUTH_PW']);
    }
    $query = "SELECT a23,code FROM admin WHERE a22='".$_SERVER['PHP_AUTH_USER']."'";
    $lst = @mysql_query($query);
    $a23_passw= mysql_result( $lst, 0, 'a23' );
    $admin= mysql_result( $lst, 0, 'code' );
    if (!$lst)
    {
        Header ("WWW-Authenticate: Basic realm=\"Admin Page\"");
        Header ("HTTP/1.0 401 Unauthorized"); exit();
    }
    if (mysql_num_rows($lst) == 0)
    {
        Header ("WWW-Authenticate: Basic realm=\"Admin Page\"");
        Header ("HTTP/1.0 401 Unauthorized"); exit();
    }
    $a23 =  @mysql_fetch_array($lst);
    if ($_SERVER['PHP_AUTH_PW']!= $a23_passw)
    {
        Header ("WWW-Authenticate: Basic realm=\"Admin Page\"");
        Header ("HTTP/1.0 401 Unauthorized"); exit();
    }
}
?>

Answer 2, Authority 50%

judging by the error, there is no connection to the base. With the base connects not forgotten?