<?phpinclude ("index.htm");session_start();$username = $_POST['usern

1. <?php
2.  
3. include ("index.htm");
4.  
5. session_start();
6.  
7. $username = $_POST['username'];
8. $password = $_POST['password'];
9.  
10.  
11.  
12. if ($username&&$password)
13. {
14.  
15. $connect = mysql_connect("localhost","b3fantastico","password") or die("Could not connect to database");
16. mysql_select_db("example") or die ("Could not find Database");
17.  
18. $query = mysql_query("SELECT * FROM users WHERE username='$username'");
19.  
20. $numrows = mysql_num_rows($query);
21.  
22. if ($numrows!=0)
23. {
24.  $row = mysql_fetch_assoc($query);
25.  
26.         $dbusername = $row['username'];
27.         $dbpassword = $row['password'];
28.    
29.  
30.  
31.  // Check to see if they match!
32. if ($username === $dbusername && md5($password) === $dbpassword)
33.   {
34.      echo 'Successfully Logged in! <a href="member.php">Click here to enter the member page! </a>';
35.      $_SESSION['username']=$username;
36.      $_SESSION['id'] = $row['id']; $_SESSION['username'] = $row['username']; $_SESSION['password'] = $row['password']; $_SESSION['email'] = $row['email'];
37.  
38.  }
39.   else
40.       echo "Incorrect Password!";
41.  
42.  }
43. else
44.     die("That user does not exist!");
45.  
46. }
47.  
48. else
49.     die("Please enter a username and a password");
50.  
51. ?>