<?phpsession_start();$username = $_POST['username'];$password = $_POST

1. <?php
2.  
3. session_start();
4.  
5. $username = $_POST['username'];
6. $password = $_POST['password'];
7.  
8. if ($username&&$password)
9. {
10.  
11.  
12.  $connect = mysql_connect("servername","user_db","something") or die("Couldn't connect!");
13.  mysql_select_db("dbname_db") or die("Could't find db");
14.  
15.  $query = mysql_query("SELECT * FROM users WHERE username='$username'");
16.  
17.  $numrows = mysql_num_rows($query);
18.  
19.  if ($numrows!=0)
20.  {
21.  
22.   while($row = mysql_fetch_assoc($query))
23.   {
24.     $dbusername = $row['username'];
25.     $dbpassword = $row['password'];
26.   }
27.    //check to see if they match!
28.    if ($username==$dbusername&&sha1(hash("whirlpool", ($password)))==$dbpassword)
29.    {
30.       echo "You're In! <a href='members.php'>members</a> area.";
31.       $_SESSION['username']=$username;
32.    }
33.    else
34.        echo "Wrong username and password combination!";
35.   }
36.   else  
37.       die("Wrong username and password combination!");
38.    
39.  }
40.  
41. else
42.     die("Please enter a username and password!");
43.    
44.    
45.  
46. ?>