//connect.php<?php@session_start(); $connect=mysql_connect("localhost","

1. //connect.php
2.  
3. <?php
4. @session_start();
5. $connect=mysql_connect("localhost","****","******");
6. mysql_select_db("ramrodcovens",$connect) or die("Error".mysql_error());
7. ?>
8.  
9.  
10.  
11.  
12.  
13. // checklogin.php
14.  
15. <?php
16. session_start();
17. ob_start();
18. include_once "connect.php";
19. $tbl_name = "user";
20.  
21.  
22. // Define $myusername and $mypassword
23. $myusername=$_POST['myusername'];
24. $mypassword=$_POST['mypassword'];
25.  
26. // To protect MySQL injection (more detail about MySQL injection)
27. $myusername = stripslashes($myusername);
28. $mypassword = stripslashes($mypassword);
29. $myusername = mysql_real_escape_string($myusername);
30. $mypassword = mysql_real_escape_string($mypassword);
31.  
32. $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
33. $result=mysql_query($sql);
34.  
35. // Mysql_num_row is counting table row
36. $count=mysql_num_rows($result);
37. // If result matched $myusername and $mypassword, table row must be 1 row
38.  
39. if($count==1){
40. // Register $myusername, $mypassword and redirect to file "login_success.php"
41. $_SESSION['loggedIn']= true;
42. $_SESSION['user'] = $myusername;
43. //$_SESSION['user'] = $result['username'];
44.  
45.  
46.  
47. header("location:index.php?site=login_success");
48. }
49. else {
50. echo "Wrong Username or Password";
51. }
52.  
53. ob_end_flush();
54. ?>