<?php
session_start();
$username = $_POST['username'];
$password = $_POST['password'];
if($username&&$password)
{
$connect = mysql_connect("localhost","root","") or die("Could not connect");
mysql_select_db("phplogin") or die("Could not find db");
$query = mysql_query("SELECT * FROM users WHERE username='$username'");
$numrows = mysql_num_rows($query);
if ($numrows!=0)
{
while ($row = mysql_fetch_assoc($query))
{
$dbusername = $row ['username'];
$dbpassword = $row ['password'];
}
if ($username==$dbusername&&$password==$dbpassword)
{
echo "You are in! <a href='index2.php'>click</a< here to enter the member page.";
$_session['username']=$username;
}
else
echo "Incorrect password!";
}
else
die("That user does not exist!");
}
else
die("Please enter a username and password!");
?>