<?phpsession_start();if (isset($_GET['logout'])){ session_destroy(); h

1. <?php
2. session_start();
3. if (isset($_GET['logout']))
4. {
5.     session_destroy();
6.     header("Location:./");
7. }
8.  
9. include_once("conn.php");
10.  
11. $username = mysql_real_escape_string(htmlspecialchars($_POST['username']));
12. $password = md5($_POST['password']);
13.  
14. $result = mysql_query("SELECT * FROM `users` WHERE username = '" . $username . "'");
15. $row = mysql_fetch_array($result);
16.  
17. if (mysql_num_rows($result) > 0)
18. {
19.     if ($row['password'] == $password)
20.     {
21.         echo "1";
22.         $_SESSION['uname'] = $username;
23.         $_SESSION['lvl'] = $row['lvl'];
24.     }
25.     else echo "0";
26. }
27. else echo "0";
28. ?>