## login.php<?phpsession_start();// login?$pw = $_POST['password']

1. ## login.php
2.  
3. <?php
4. session_start();
5.  
6. // login?
7.  
8. $pw = $_POST['password'];
9. $name = $_POST['name'];
10.  
11. $query = mysql_query("SELECT * FROM members WHERE username = ". $name ."' AND password = '". $pw ."'");
12.  
13. $numrows = mysql_num_rows($query);
14.  
15. if($numrows == 1) {
16. $info = mysql_fetch_assoc($query);
17. $_SESSION['username'] == $info['username'];
18. header("Location: index.php");
19. } else {
20. header("Location: index.php?bad=1");
21. }
22.  
23. ?>