================================================================================

1. ================================================================================
2. check.php
3. ================================================================================
4. <?php
5. $host = "localhost";
6. $user = "root";
7. $pass = "";
8. $dbname = "database_herb";
9. session_start();
10. $con = mysqli_connect($host,$user,$pass,$dbname) or die (mysqli_error()) ;
11.  
12. $sql_login = "SELECT * FROM system_admin WHERE admin_username ='"mysqli_real_escape_string($con,$_POST["username"])."'
13. AND admin_password = '"mysqli_real_escape_string($con,$_POST["password"])."'";
14.  
15. $query_login = mysqli_query($con,$sql_login);
16. $result_login = mysqli_fetch_array($query_login,MYSQLI_ASSOC);
17. if (!$result_login) {
18. echo "รหัสผ่านหรือไอดีผู้ใช้ไม่ถูกต้อง";
19. }else {
20. echo $result_login['admin_name']."<br/>";
21. }
22. mysqli_close($con);
23. ?>
24. ================================================================================
25. form_login.php
26. ================================================================================
27. <?
28. include 'check.php';
29. ?>
30. <form name="login" method="POST" action="check.php" >
31. <label for="Username">Username</label>
32. <input type="text" name="username" id="username" />
33.  
34. <label for="password">Password</label>
35. <input type="password" name="password" id="password" />
36.  
37. <button type="submit">login</button>
38. </form>
39. ================================================================================