Untitled

<?php
session_start();

// dBase file
include "dbConfig.php";

if ($_GET["op"] == "login")
 {
 if (!$_POST["username"] || !$_POST["password"])
  {
  die("You need to provide a username and password.");
  }

 // Create query
 $q = "SELECT * FROM `dbUsers.` "
  ."WHERE `username`='".$_POST["username"]."' "
  ."AND `password`=PASSWORD('".$_POST["password"]."') "
  ."LIMIT 1";
 // Run query
 $r = mysql_query($q);

 if ( $obj = @mysql_fetch_object($r) )
  {
  // Login good, create session variables
  $_SESSION["valid_id"] = $obj->id;
  $_SESSION["valid_user"] = $_POST["username"];
  $_SESSION["valid_time"] = time();

 // Redirect to member page
  header("Location: /members.php");
  }
 else
  {
  // Login not successful
  die("Sorry,  we could not log you in to LoveBubble. There seems to be a problem with your login information.");
  }
 }
else
 {

//If all went right the Web form appears and users can log in

echo "<html>";
echo "<LINK REL=StyleSheet HREF='style.css' TYPE='text/css' MEDIA=screen>";
echo "<head>";
echo "<title>LoveBubble</title>";
echo "</head>";
echo "<body>";
echo "<div class='top'>";
echo "</br>";
echo "<center><img src='images/bubblelogo.jpg' alt='LoveBubble'/></center>";
echo "</br>";
echo "</br>";
echo "</br>";
echo "</div>";
echo "<div class='main'>";
echo "<center>";
echo "<img src='images/bubbles.jpg'/>";
echo "</center>";
echo "<center>";
 echo "<form action=\"?op=login\" method=\"POST\">";
 echo "Username: <input name=\"username\" size=\"15\"><br />";
 echo "Password: <input type=\"password\" name=\"password\" size=\"15\"><br />";
 echo "<input type=\"submit\" value=\"Login\">";
echo "<form>";
echo "<Input Type='button' Value='Register' Onclick=window.location.href='/register.php'>";
echo "</form>";
echo "</center>";
echo "</body>";
echo "</html>";
 }
?>