// Connect to server and select databse.mysql_connect("$host", "$username", "$

1. // Connect to server and select databse.
2. mysql_connect("$host", "$username", "$password")or die("cannot connect");
3. mysql_select_db("$db_name")or die("cannot select DB");
4.  
5. // username and password sent from form
6. $myusername=$_POST['meno'];
7. $mypassword=sha1($_POST['heslo']); # ziskame heslo v sifrovanej podobe
8.  
9. // To protect MySQL injection (more detail about MySQL injection)
10. $myusername = stripslashes($myusername);
11. $mypassword = stripslashes($mypassword);
12. $myusername = mysql_real_escape_string($myusername);
13. $mypassword = mysql_real_escape_string($mypassword);
14.  
15. $sql="SELECT * FROM $tbl_name WHERE meno='$myusername' and heslo='$mypassword'";
16. $result=mysql_query($sql);
17.  
18. // Mysql_num_row is counting table row
19. $count=mysql_num_rows($result);
20. // If result matched $myusername and $mypassword, table row must be 1 row
21.  
22. if($count==1){
23. // Register $myusername, $mypassword and redirect to file "login_success.php"
24. session_register("myusername");
25. session_register("mypassword");
26. header("location:index1.php");
27. }
28. else {
29. echo "Nesprávne meno alebo heslo";
30. }
31. ?>