Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- include("global.php");
- $tbl_name="users"; // Table name
- // username and password sent from form
- $username=$_POST['username'];
- $password=$_POST['password'];
- // To protect MySQL injection (more detail about MySQL injection)
- $username = stripslashes($username);
- $password = stripslashes($password);
- $username = mysql_real_escape_string($username);
- $password = mysql_real_escape_string($password);
- $sql="SELECT * FROM $tbl_name WHERE username='$username' and password='$password'";
- $result=mysql_query($sql);
- $count=mysql_num_rows($result);
- if($count==1){
- session_register("username");
- session_register("password");
- header ("location: me.php");
- }
- else {
- echo "Wrong Username or Password";
- }
- ?>
Add Comment
Please, Sign In to add comment