<?phpmysql_connect(“localhost”,”root”,””);mysql_select_db(“nama database an

1. <?php
2. mysql_connect(“localhost”,”root”,””);
3. mysql_select_db(“nama database anda”);
4. function antiinjektion($data){$filter=mysql_real_escape_string(htmlspecialchars(stripslashes(strip_tags($data, ENT_QUOTES))));
5. return $filter;
6. }
7. $user=antiinjektion($_POST[‘user’]);
8. $pass=antiinjektion(md5($_POST[‘pass’]));
9. $cek=mysql_query(“select * from admin where user=’$user’ AND pass=’$pass'”);
10. $ketemu=mysql_num_rows($cek);$r=mysql_fetch_array($cek) ;
11. if($ketemu>0){
12. session_start();.
13. $_SESSION[‘admin’]=$r[‘user’];
14. header(“Location:.”);
15. }
16. else{
17. echo “Error”;
18. }
19. ?>