kopiointionosasuoritusta

1. <html>
2. <body>
3.  
4. <?php
5. if(isset($_POST['login']))
6. {
7. include("db.php");
8. $link = openDBConnection();
9. // get the password from the form and create the hash
10. // the escape-function is used to provide security
11. $password = md5 ($_POST['password']);
12. $username = $_POST['username'];
13. $query = "SELECT * FROM kayttajat WHERE username ='".$username."'";
14. $result = mysql_query($query);
15. if($result != false)
16. {
17. $num_rows = mysql_num_rows($result);
18. if($num_rows == 0)
19. {
20. print "<p>Login incorrect<p>";
21. }
22. while($row = mysql_fetch_assoc($result))
23. {
24. $real_password = $row['password'];
25. if($password == $real_password)
26. {
27. session_start();
28. $_SESSION['session_id'] =
29. session_id();
30. header("Location: index.php");
31. }
32. else
33. {
34. print "<p>Login incorrect<p>";
35. }
36. }
37. }
38. else
39. {
40. print "<p>Login incorrect<p>";
41. }
42. }
43. ?>
44.  
45.  
46. </body>
47. </html>