<?phpinclude_once ("connection.php");if($_SERVER['REQUEST_METHOD'] == 'POST'

1. <?php
2. include_once ("connection.php");
3. if($_SERVER['REQUEST_METHOD'] == 'POST') {
4.     $log_username = $_POST['log_username'];
5.     $log_password = $_POST['log_password'];
6.     $log_username = stripslashes($log_username);
7.     $log_password = stripslashes($log_password);
8.     $log_password = md5($log_password);
9.     $log_admin_query = "SELECT username, password
10.                        FROM admin
11.                        WHERE username = '$log_username' AND password = '$log_password' LIMIT 1";
12.     $log_result = mysql_query($log_admin_query);
13.     $log_check = mysql_num_rows($log_result);
14.     if ($log_check == 1) {
15.         session_start();
16.         $_SESSION['username'] = $log_username;
17.         echo "You are logged in";
18.     } else {
19.         echo "Invalid username or password";
20.     }
21. } else {
22.     # if someone try to open login.php only tells them to use form
23.     echo "You must login over form, click <a href=\"form.php\">here</a> to to login";
24. }
25.     mysql_close();
26. ?>