<?phpinclude_once 'psl-config.php';include_once 'db.php';ob_start();

1. <?php
2.  
3. include_once 'psl-config.php';
4. include_once 'db.php';
5.  
6. ob_start();
7.  
8. // Define $myusername and $mypassword
9. if(!empty($_POST['myusername']) && !empty($_POST['mypassword'])){
10.     $myusername=$_POST['myusername'];
11.     $mypassword=$_POST['mypassword'];
12.     //echo $_POST['myusername'] ." y ". $_POST['mypassword'] . "<br>";
13.     //echo $myusername ." x ". $mypassword . "<br>";
14.  
15. // To protect MySQL injection (more detail about MySQL injection)
16. //$myusername = stripslashes($myusername);
17. //$mypassword = stripslashes($mypassword);
18. //$myusername = mysqli_real_escape_string($myusername); //mysqli::escape_string ?
19. //$mypassword = mysqli_real_escape_string($mypassword); //mysqli::escape_string ?
20.  
21. $result = $mysqli->query("SELECT * FROM members WHERE username='$myusername' and password='$mypassword'");
22. while ($row = $result->fetch_object()){
23. //echo $row->username . " z " . $row->password . "<br>";
24. //echo $username . " = " . $row->username;
25. //if($myusername == $row->username){
26.    
27. //}
28.  
29. if($myusername == $row->username && $mypassword == $row->password){
30. // Register $myusername, $mypassword and redirect to file "login_success.php"
31.     $_SESSION['myusername']=$myusername;
32.     $_SESSION['mypassword']=$mypassword;
33.     echo $myusername . " = " . $row->username . "<br>";
34.     echo $mypassword . " = " . $row->password . "<br>";
35.     //header("location:login_success.php");
36. }
37. //else {
38. //  echo "Wrong Username or Password.";
39. //}
40.  
41. }
42.  
43. }
44. else{
45.     echo 'error';
46. }
47.  
48. ob_end_flush();
49. ?>