Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- // Inialize session
- session_start();
- // Include database connection settings
- include('config.inc');
- // Retrieve username and password from database according to user's input
- $login = mysql_query("SELECT * FROM user WHERE (username = '" . mysql_real_escape_string($_POST['username']) . "') and (password = '" . mysql_real_escape_string(md5($_POST['password'])) . "')");
- $id = mysql_query("SELECT status FROM user");
- if(id==1) {
- if (mysql_num_rows($login) == 1) {
- // Set username session variable
- $_SESSION['username'] = $_POST['username'];
- // Jump to secured page
- header('Location: index.php');
- }
- else {
- // Jump to login page
- header('Location: login.php');
- }
- }
- else{
- die();
- }
- ?>
Add Comment
Please, Sign In to add comment