<?phpinclude('db.php');session_start();// username and password sent fro

1. <?php
2.  
3. include('db.php');
4. session_start();
5. // username and password sent from form
6. $gebruiker=$_POST['gebruiker'];
7. $passwoord=$_POST['passwoord'];
8.  
9. // To protect MySQL injection (more detail about MySQL injection)
10. $gebruiker = stripslashes($gebruiker);
11. $passwoord = stripslashes($passwoord);
12. $gebruiker = mysqli_real_escape_string($conn, $gebruiker);
13. $passwoord = mysqli_real_escape_string($conn, $passwoord);
14. $encryptpass = md5($passwoord);
15. $sql="SELECT * FROM Gebruikers WHERE gebruiker='$gebruiker' and passwoord='$encryptpass'";
16. $result=mysqli_query($conn, $sql);
17.  
18. function is_user_logged_in() {
19. $user = wp_get_current_user();
20.  
21. return $user->exists();
22. }
23.  
24. // Mysql_num_row is counting table row
25. $count=mysqli_num_rows($result);
26.  
27. // If result matched $gebruiker and $passwoord, table row must be 1 row
28. if($count==1){
29. $_SESSION['loggedin'] = true;
30. $_SESSION['gebruiker'] = $gebruiker;
31. header('location:index.php');
32. }
33. else
34. {
35. echo "Gebruikersnaam of passwoord is niet juist";
36. }
37.  
38. mysqli_close($conn);
39.  
40. ?>