$q = "SELECT id, fname, lname FROM users WHERE (username='$username' AND passwor

1. $q = "SELECT id, fname, lname FROM users WHERE (username='$username' AND password=SHA1('$password'))";
2. $r = mysqli_query ($dbc, $q) or trigger_error("Query: $qn<br>MySQL Error: " . mysqli_error($dbc));
3.  
4. if (@mysqli_num_rows($r) == 1) {
5. $_SESSION = mysqli_fetch_array ($r, MYSQLI_ASSOC);
6. mysqli_free_result($r);
7. mysqli_close($dbc);
8.  
9. $url = BASE_URL . (isset($_SESSION['redirect']) ? $_SESSION['redirect'] : 'index.php');
10. unset($_SESSION['redirect']);
11. ob_end_clean();
12. header("Location: $url");
13. exit();
14. } else {
15. echo 'Message';
16. }
17.  
18. $q = "SELECT id, fname, lname FROM users WHERE (username='$username' AND password=SHA1('$password'))";
19. $r = mysqli_query ($dbc, $q) or trigger_error("Query: $qn<br>MySQL Error: " . mysqli_error($dbc));
20.  
21. if (@mysqli_num_rows($r) == 1) {
22. $row = mysql_fetch_assoc($r);
23. $_SESSION['id'] = $row['id'];
24. $_SESSION['fname'] = $row['fname'];
25. $_SESSION['lname'] = $row['lname'];
26. mysqli_free_result($r);
27. mysqli_close($dbc);
28.  
29. $url = BASE_URL . (isset($_SESSION['redirect']) ? $_SESSION['redirect'] : 'index.php');
30. unset($_SESSION['redirect']);
31. ob_end_clean();
32. header("Location: $url");
33. exit();
34. } else {
35. echo 'Message<p>';
36. }