<?phpsession_start(); if(isset($_POST['LOGINKNAPPEN'])) { $username =

1. <?php
2. session_start();
3.  
4.  
5. if(isset($_POST['LOGINKNAPPEN'])) {
6.     $username = $_POST['username'];
7.     $password = $_POST['password'];
8.      
9.     if(!preg_match('/^[a-zA-Z0-9]{3,}$/', $username)) {
10.         // Brukernavnet inneholder ulovlige tegn.
11.         // Tillater tall og bokstaver over 3 tegn.
12.        
13.        
14.     } else {
15.         mysql_connect("localhost", "root", "");
16.         mysql_select_db("sync");
17.          
18.         $username = mysql_real_escape_string($username);
19.         $password = mysql_real_escape_string($password);
20.        
21.         $query = mysql_query("select * from brukere where username = '$username' and password = '$password'") or die("Failed to query database ".mysql_error());
22.         $check = mysql_num_rows($query);
23.        
24.         if($check) {
25.             // Riktig passord
26.             $row = mysql_fetch_array($query);
27.            
28.             $_SESSION['username'] = $username;
29.             header("Location: userdata/".$_SESSION["username"]."/"); die();
30.            
31.         } else {
32.             echo "Username or password incorrect!";
33.         }
34.     }
35. }
36.  
37. ?>