<?php// Inialize sessionsession_start();// Include database connection

1. <?php
2.  
3. // Inialize session
4. session_start();
5.  
6. // Include database connection settings
7. include('config.inc');
8.  
9. // Retrieve username and password from database according to user's input
10. $login = mysql_query("SELECT * FROM user WHERE (username = '" . mysql_real_escape_string($_POST['username']) . "') and (password = '" . mysql_real_escape_string(md5($_POST['password'])) . "')");
11.  
12. $id = mysql_query("SELECT status FROM user");
13. if(id==1)   {      
14.         if (mysql_num_rows($login) == 1) {
15.                 // Set username session variable
16.                 $_SESSION['username'] = $_POST['username'];
17.                 // Jump to secured page
18.                 header('Location: index.php');
19.         }
20.  
21.         else {
22.                 // Jump to login page
23.                 header('Location: login.php');
24.         }
25. }
26. else{
27. die(); 
28. }
29.  
30. ?>