Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- ob_start();
- include('config.php');
- // Define $myusername and $mypassword
- $username=$_POST['username'];
- $password=$_POST['password'];
- //encrypt password
- //$encrypted_password=md5($password);
- // To protect MySQL injection (more detail about MySQL injection)
- $username = stripslashes($username);
- $password = stripslashes($password);
- $username = mysql_real_escape_string($username);
- $password = mysql_real_escape_string($password);
- $sql="SELECT id, username, password, userlevel FROM library_login WHERE username='$username' and password=md5('$password')";
- $result=mysql_query($sql);
- // Mysql_num_row is counting table row
- $count=mysql_num_rows($result);
- // If result matched $myusername and $mypassword, table row must be 1 row
- if($count==1){
- // Register $myusername, $mypassword and redirect to file "index_logged.php"
- session_register("username");
- session_register("password");
- session_register("id");
- header("location:.");
- }
- else {
- echo "Wrong username or password";
- }
- ob_end_flush();
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement