<?phpsession_start(); $_SESSION['user_logged']=$user; $

1. <?php
2. session_start();
3. $_SESSION['user_logged']=$user;
4. $_SESSION['user_password']=$password;
5. $user = $_POST["username"];
6. $password = $_POST["password"];
7.  
8.  
9. include("include/connect.php");
10. $msg = array();
11.  
12. if(isset($_POST['submit'])){
13.  
14. foreach($_REQUEST as $key=>$val){
15. $$key=$val;
16. }
17.  
18. if(count($msg)==0){
19.  
20. $sql="SELECT username, password FROM admin WHERE username='$username' && password='$password'";
21. $res=mysql_query($sql) OR die(mysql_error());
22. if(mysql_fetch_array($res)>0){
23. $_SESSION['user_logged']= $user;
24. $_SESSION['user_password']=$password;
25. header("location:dashboard.php");
26. echo "You looged in Successfully";
27. } else{
28. $msg[]='Incorrect username/password';
29. }
30.  
31. }
32.  
33. }
34. ?>