Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- include("dbconnect.php"); //database connection
- session_start();
- $error = ""; //error msg variable.
- if(isset($_POST["submit"])){
- if(empty($_POST["username"]) || empty($_POST["password"]))
- {
- $error = "username/password can't be empty.";
- }else
- {
- $username=$_POST['username'];
- $password=$_POST['password'];
- $username = stripslashes($username); //SQL Injection denial
- $password = stripslashes($password);
- $username = mysqli_real_escape_string($username, $koneksi);
- $password = mysqli_real_escape_string($password, $koneksi);
- $sql = "SELECT * FROM operator WHERE username='$username' and password='$password'";//username and password checking
- $result =mysqli_query($sql, $koneksi);
- $row = mysqli_fetch_array($result,MYSQLI_ASSOC);
- if(mysqli_num_rows($result) == 1){
- $_SESSION['username'] = $login_user; // create session
- header("location: home.php"); // redirection
- }else{
- $error = "wrong username or password.";
- }
- }
- }
- Warning: mysqli_real_escape_string() expects parameter 1 to be mysqli, string given in /opt/lampp/htdocs/libraryman/login.php on line 15
- Warning: mysqli_real_escape_string() expects parameter 1 to be mysqli, string given in /opt/lampp/htdocs/libraryman/login.php on line 16
- Warning: mysqli_query() expects parameter 1 to be mysqli, string given in /opt/lampp/htdocs/libraryman/login.php on line 18
- Warning: mysqli_fetch_array() expects parameter 1 to be mysqli_result, null given in /opt/lampp/htdocs/libraryman/login.php on line 19
- Warning: mysqli_num_rows() expects parameter 1 to be mysqli_result, null given in /opt/lampp/htdocs/libraryman/login.php on line 20
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
