<?session_start();require_once('secure/database.php');$tbl_name="users"; /

1. <?
2. session_start();
3. require_once('secure/database.php');
4. $tbl_name="users"; // Table Name
5.  
6. $logusername=mysql_real_escape_string($_POST['username']); //Grab username
7. $logpassword=mysql_real_escape_string(md5($_POST['password'])); //Grab password and encrypt to md5
8. $ip = $_SERVER['REMOTE_ADDR']; //ip
9.  
10. $logsubmit=$_POST['login']; //Grab form post
11.  
12. @mysql_select_db($database) or die( "Unable to select database"); //database error
13.  
14. if ($logsubmit == "login") //login check
15.     {
16.  
17.     $check = mysql_query("SELECT * FROM users WHERE username = '$logusername'") or die(mysql_error());
18.     $num=mysql_num_rows($check);
19.    
20.     while($info =mysql_fetch_array( $check ))
21.         {
22.         if ($logpassword==$info['password']) //username + password check
23.             {
24.             $_SESSION['login'] = "1";
25.             $_SESSION['uname'] = "$logusername";
26.             $_SESSION['pword'] = "$logpassword";
27.             $_SESSION['ip'] = "$ip";
28.             $_SESSION['rank'] = $info['rank'];
29.             header ("location:home.php"); //login success
30.             }
31.         else
32.             {
33.             $_SESSION['login'] = "";
34.             header ("location:login.php"); //login success
35.             }
36.        
37.         }
38.     }
39. else die("$logsubmit error1"); //login check error message
40.  
41. mysql_close();
42. ?>