$query = mysql_query("SELECT * FROM clients WHERE username = '$username' or em

1. $query = mysql_query("SELECT * FROM clients WHERE username = '$username' or email = '$username'");
2.  
3. $numrows = mysql_num_rows($query);
4.  
5. /*
6. echo $numrows;
7. */
8.  
9. if ($numrows!=0)
10. {
11. // code to login
12. while ($row = mysql_fetch_assoc($query))
13. {
14. $useremail = strtolower($row['email']);
15. $dbusername = strtolower($row['username']);
16. $dbpassword = strtolower($row['password']);
17. }
18. /* CHECK TO SEE IF THEY MATCH! NOTE THAT THE PASSWORD THAT THE USER ENTERS MUST BE COMPARED TO AN ENCRIPTED PASSWORD WHICH WAS STORED IN THE DB WHEN
19. USER REGISTERED HIS ACCOUNT
20.  
21. THEREFORE, THE USER'S INPUT(for the password field) MUST BE ENCRIPTED FOR COMPARISON
22. */