Now the admin section is gaped wide open! No login asked for at all -no security -straight into Admin. You cannot log out of admin either!
Hence, I shut down my site and removed the config file until this is fixed.
Also shouldn’t the admin login ask for a username too? Without it, this script is an open house for dictionary brute-force attacks.
Are you not able to test it because of some extenuating circumstance?
let me know, and I’ll setup something off-site to test new builds.