<?php session_start(); mysql_connect('localhost','test','Asd!'); mysql_s

1. <?php
2.     session_start();
3.  
4.     mysql_connect('localhost','test','Asd!');
5.     mysql_select_db('test');
6.  
7.     if (isset($_POST['username']) && isset($_POST['password'])) {
8.         $result = mysql_query("SELECT level FROM users WHERE username='" . mysql_real_escape_string($_POST['username']) . "' AND password='" . md5($_POST['password']) . "'");
9.         if (mysql_num_rows($result) == 1) {
10.             $data = mysql_fetch_row($result);
11.             $_SESSION['username'] = $_POST['username'];
12.             $_SESSION['level'] = $data[0];
13.         }
14.     }
15.  
16.     mysql_close();
17. ?>