<?php //salting of password$salt="@g26jQsG&nh*&#8v";$password= sha1($_REQU

1. <?php
2.  
3. //salting of password
4. $salt="@g26jQsG&nh*&#8v";
5. $password= sha1($_REQUEST['pwd'].$salt);
6.  
7. $sql= "SELECT email,password FROM customer WHERE email='$username' AND password='$password'";
8. $result=mysqli_query($success, $sql) or die(mysql_error());
9. $rws= mysql_fetch_array($result);
10.  
11. //$sql = mysqli_query($success, "SELECT * FROM login WHERE username = '".$_POST['username']."' and password = '".md5($_POST['password'])."'");
12. //$row = mysqli_num_rows($sql);
13.  
14. $user=$rws[0];
15. $pwd=$rws[1];
16.  
17. if($user==$username && $pwd==$password){
18. session_start();
19. $_SESSION['customer_login']=1;
20. $_SESSION['cust_id']=$username;
21. header('location:customer_account_summary.php');
22. }