Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- $host = "localhost"; //localhost name
- $username = "root"; //sql username
- $password = "root"; //sql password
- $db_name = "test"; //database name
- $tbl_name = "members"; //table name
- // username and password sent from FORM
- $myusername = $_POST['myusername'];
- $mypassword = $_POST['mypassword'];
- // conect to server and select database if username and password are true
- if ($myusername && $mypassword){
- $connect = mysql_connect("$host", "$username", "$password") or die("could not connect");
- mysql_select_db($db_name) or die ("could not connect to database");
- $query = mysql_query("SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'");
- // mysql_num_row is counting table row
- $count = mysql_num_rows($query);
- // if result is a match $username and $password, tbl row must be 1 row
- //echo $count;
- if ($count == 1){
- // register $username $password and redirect to file "checklogin.php"
- session_register("myusername");
- $_SESSION['username'] = $myusername; //creating a session with the username
- session_register("mypassword");
- header("location:login_success.php");
- }
- else {
- echo "you have wrong username or password try again";
- }
- }
- else {
- die("please enter username and password!!!!!!");
- }
- // security against mysql injections
- /*
- $myusername = stripcslashes($myusername);
- $mypassword = stripcslashes($mypassword);
- $myusername = mysql_real_escape_string($username);
- $mypassword = mysql_real_escape_string($mypassword);
- */
- ?>
Add Comment
Please, Sign In to add comment
