New php

1. // username and password sent from form
2. $myusername=$_POST['myusername'];
3. $mypassword=$_POST['mypassword'];
4.  
5. // To protect MySQL injection (more detail about MySQL injection)
6. $myusername = stripslashes($myusername);
7. $mypassword = stripslashes($mypassword);
8. $myusername = mysql_real_escape_string($myusername);
9. $mypassword = mysql_real_escape_string($mypassword);
10. $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
11. $result=mysql_query($sql);
12.  
13. // Mysql_num_row is counting table row
14. $count=mysql_num_rows($result);
15.  
16. // If result matched $myusername and $mypassword, table row must be 1 row
17. if($count==1){
18.  
19. // Register $myusername, $mypassword and redirect to file "login_success.php"
20. session_register("myusername");
21. session_register("mypassword");
22. header("location:login_success.php");
23. }
24. else {
25. echo "Wrong Username or Password";
26. }