Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- include_once 'psl-config.php';
- include_once 'db.php';
- ob_start();
- // Define $myusername and $mypassword
- if(!empty($_POST['myusername']) && !empty($_POST['mypassword'])){
- $myusername=$_POST['myusername'];
- $mypassword=$_POST['mypassword'];
- //echo $_POST['myusername'] ." y ". $_POST['mypassword'] . "<br>";
- //echo $myusername ." x ". $mypassword . "<br>";
- // To protect MySQL injection (more detail about MySQL injection)
- //$myusername = stripslashes($myusername);
- //$mypassword = stripslashes($mypassword);
- //$myusername = mysqli_real_escape_string($myusername); //mysqli::escape_string ?
- //$mypassword = mysqli_real_escape_string($mypassword); //mysqli::escape_string ?
- $result = $mysqli->query("SELECT * FROM members WHERE username='$myusername' and password='$mypassword'");
- while ($row = $result->fetch_object()){
- //echo $row->username . " z " . $row->password . "<br>";
- //echo $username . " = " . $row->username;
- //if($myusername == $row->username){
- //}
- if($myusername == $row->username && $mypassword == $row->password){
- // Register $myusername, $mypassword and redirect to file "login_success.php"
- $_SESSION['myusername']=$myusername;
- $_SESSION['mypassword']=$mypassword;
- echo $myusername . " = " . $row->username . "<br>";
- echo $mypassword . " = " . $row->password . "<br>";
- //header("location:login_success.php");
- }
- //else {
- // echo "Wrong Username or Password.";
- //}
- }
- }
- else{
- echo 'error';
- }
- ob_end_flush();
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement