<form method="post" action="login1.php">Name: <input type="text" name="name" /

1. <form method="post" action="login1.php">
2. Name: <input type="text" name="name" /><br />
3. Password: <input type="text" name="password" /><br />
4. <input type="submit" value="Login" />
5.  
6. <?php
7.     function is_logged() {
8.         if (isset($_SESSION['username'])) { echo '<p>You are logged in as ' . $_SESSION['username'] . '.</p>'; }
9.         else { echo '<p>You are not logged in.</p>'; }
10.     }
11.     is_logged();
12.     if (isset($_POST['password']) && isset($_POST['name'])) {
13.         mysql_connect('xxxxt', 'xxxx', 'xxxxx') or error_log("Could not connect to database.");
14.         mysql_select_db('loginsys') or error_log("Could not select database.");
15.         $username = mysql_real_escape_string($_POST['name']);
16.         $password = $_POST['password'];
17.         $result = mysql_query("SELECT * FROM users WHERE username = '" . $username . "' AND password = '" . $password . "'") or error_log("MySQL query error.");
18.         if (mysql_num_rows($result)) {
19.             if (isset($_SESSION['username'])) { echo '<p>You are already logged in.</p>'; }
20.             else {
21.                 session_start();
22.                 $_SESSION['username'] = htmlspecialchars($username);
23.                 echo '<p>Successfully logged in!</p>';
24.             }
25.         }
26.         else {
27.             echo "<p>Incorrect password!</p>";
28.             header('Location: login1.php');
29.         }
30.     }
31. ?>