<html><body><?phpob_start();$host="localhost"; // Host name$username="ro

1. <html><body>
2. <?php
3. ob_start();
4. $host="localhost"; // Host name
5. $username="root"; // Mysql username
6. $password=""; // Mysql password
7. $db_name="sabahcom"; // Database name
8. $tbl_name="login"; // Table name
9.  
10. // Connect to server and select database.
11. $con = mysql_connect("$host", "$username", "$password")or die("cannot connect");
12. mysql_select_db("$db_name")or die("cannot select DB");
13.  
14. // Define $myusername and $mypassword
15. $myusername=$_POST['myusername'];
16. $mypassword=$_POST['mypassword'];
17.  
18. // To protect MySQL injection (more detail about MySQL injection)
19. //$myusername = stripslashes($myusername);
20. //$mypassword = stripslashes($mypassword);
21. //$myusername = mysql_real_escape_string($myusername);
22. //$mypassword = mysql_real_escape_string($mypassword);
23.  
24. $sql="SELECT * FROM $tbl_name WHERE Username='$myusername' and Password='$mypassword'";
25. $result=mysql_query($sql);
26.  
27. // Mysql_num_row is counting table row
28. $count=mysql_num_rows($result);
29. // If result matched $myusername and $mypassword, table row must be 1 row
30.  
31. if($count==1){
32. // Register $myusername, $mypassword and redirect to file "login_success.php"
33. session_register("myusername");
34. session_register("mypassword");
35. header("location:login_success2.php");
36. }
37. else {
38. echo "<strong>Wrong Username or Password!</strong><br>";
39. }
40. ob_end_flush();
41. ?>
42. <div align="center"><a href="main_login.php" class="style2">Back to Main login</a>
43. </div>
44. </body></html>