//Opens connection to database$connection = mysql_connect("localhost", "bagofd

1. //Opens connection to database
2. $connection = mysql_connect("localhost", "bagofdus_david", "00871992");
3.  
4. //Selects database
5. mysql_select_db("bagofdus_schoolStudent");
6.  
7. //Srores username and password in two variables
8. $username=$_POST["usernameText"];
9. $password=$_POST["passwordText"];
10.  
11. //Sql injection protection, prevents extra characters
12. $user=mysql_real_escape_string($username);
13. $pass=mysql_real_escape_string($password);
14.  
15. //Query selects relevant record from the database
16. $query=mysql_query("SELECT * FROM student where username= $username AND password= $password");
17.  
18. //Checks that username and password are in the same row
19. $count=sizeof($query);
20. if($count==1)
21. {
22. $hour = time() + 3600;
23.  
24. //Sets a one hour cookie
25. setcookie(username, $_POST['username'], $hour);
26. setcookie(password, $_POST['password'], $hour);
27. echo "Login Successful";
28.  
29. //Redirects to the homepage
30. header("home.html");
31.  
32. }
33. else
34. {
35. echo "Username or password is incorrect";
36. }
37. ?>