<?php

#One password to rule them all,
#No databases any more!
$MasterUser="Master";
$MasterPassword ="VPA5UF";
$MasterSecret=$MasterUser.":".$MasterPassword;


$Credentials = $_POST["username"].":".$_POST["password"];

if (md5($Credentials) == md5($MasterSecret))
     {  
        echo '<h2>Hello ' . htmlspecialchars($_POST["username"]) . '!</h2><br>You have sucessfully logged in!<br><br>';
        if ($_POST["username"] == "Admin") 
             { echo 'Congratulations! Here is your flag:...<br><br>';}
     }
else {  
        echo 'Your username or password is invalid!<br><br>';
     }
?>
<form><input type="button" value="Back" onClick="history.go(-1);return true;"></form>