Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- include('database.php');
- //Form-data
- $user = $_POST['user'];
- $pass = $_POST['pass'];
- //Protect from MySQL-injection
- $user = stripslashes($user);
- $pass = stripslashes($pass);
- $user = mysql_real_escape_string($user);
- $pass = mysql_real_escape_string($pass);
- $sql = "SELECT * FROM $members_table WHERE username='$user' and password='$pass'";
- $result = mysql_query($sql);
- $count = mysql_num_rows($result);
- if($count == 1){
- $_SESSION['user'] = $user;
- $_SESSION['pass'] = $pass;
- header("location:login_success.php");
- }
- else{
- header("location:index.php");
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement