Check login details

1. <?php
2. session_start();
3. /**
4. * These are the database login details
5. */
6. $host="localhost"; // Host name
7. $username="root"; // Mysql username
8. $password=""; // Mysql password
9. $db_name="loginregister"; // Database name
10. $tbl_name="userdata"; // Table name
11.  
12. // Connect to server and select databse.
13. mysql_connect("$host", "$username", "$password")or die("cannot connect");
14. mysql_select_db("$db_name")or die("cannot select DB");
15.  
16. // username and password sent from form
17. $myusername=$_POST['myusername'];
18. $mypassword=$_POST['mypassword'];
19.  
20. echo $myusername ."<br>";
21. echo $mypassword."<br>";
22.  
23. // To protect MySQL injection (more detail about MySQL injection)
24. $myusername = stripslashes($myusername);
25. $mypassword = stripslashes($mypassword);
26. $myusername = mysql_real_escape_string($myusername);
27. $mypassword = mysql_real_escape_string($mypassword);
28.  
29. $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
30. $result=mysql_query($sql);
31.  
32. // Mysql_num_row is counting table row
33. $count=mysql_num_rows($result);
34.  
35. // If result matched $myusername and $mypassword, table row must be 1 row
36.  
37.  
38. $data_row=mysql_fetch_array($result);;
39.  
40. if($count==1){
41. $user_id=$data_row["id"];
42. // Register $myusername, $mypassword and redirect to file "login_success.php"
43. $_SESSION["myusername"]=$myusername;
44. $_SESSION["user_id"]=$user_id;
45.  
46. //session_register("mypassword");
47. //session_register("id");
48. header("location:homepage.php");
49. }
50. else {
51. echo "Wrong Username or Password";
52. }
53. ?>