<?phpinclude "connect.php";if(isset($_SESSION['name'])){ //login is not

1. <?php
2. include "connect.php";
3.  
4. if(isset($_SESSION['name'])){
5. //login is not necessary
6. include 'logged-in.php';
7. }else{
8. //show the login
9. ?>
10. <link rel="stylesheet" type="text/css" href="login.css">
11. <center>
12. <form class="form" method="POST" action="">
13. <p class="logintext">Username:</p><input type="text" name="username"/><br><br>
14. <p class="logintext">Password:</p><input type="password" name="pass"/><br><br><br>
15. <input type="submit" name="submit"/><br>
16. </form>
17. </center>
18. <?php
19. if(isset($_POST['username'])){
20. $username = $_POST['username'];
21. $password = $_POST['pass'];
22.  
23. $sql = "SELECT * FROM smf_members WHERE member_name = '$username'" or die ('query did not work');
24. $query = mysqli_query($conn, $sql);
25.  
26. if ($query = 1) {
27. $row = mysqli_fetch_row($query);
28. $userId = $row[0];
29. $dbUsername = $row[1];
30. $dbPassword = $row[2];
31. }else{
32. echo 'query = 0';
33. }
34.  
35. //if submited check that everything is ok
36. if ($username == $dbUsername && $password == $dbPassword){
37. //if correct show logged-in.php and set the session name to the username
38. include 'logged-in.php';
39. $_SESSION['name'] = $_POST['username'];
40. }else{
41. //if not correct display "Did you type the right password?"
42. echo "did you type the right password? :/";
43. }
44. }
45. }
46. ?>