<?phpinclude (index.htm)session_start();$username = $_POST['username

1. <?php
2.  
3. include (index.htm)
4.  
5. session_start();
6.  
7. $username = $_POST['username'];
8. $password = $_POST['password'];
9.  
10.  
11. if ($username&&$password)
12. {
13.  
14. $connect = mysql_connect("localhost","b3fantastico","password") or die("Could not connect to database");
15. mysql_select_db("example") or die ("Could not find Database");
16.  
17. $query = mysql_query("SELECT * FROM users WHERE username='$username'");
18.  
19. $numrows = mysql_num_rows($query);
20.  
21. if ($numrows!=0)
22. {
23. while ($row = mysql_fetch_assoc ($query))
24. {
25. $dbusername = $row['username'];
26. $dbpassword = $row['password'];
27. }
28.  
29. // Check to see if they match!
30. if ($username==$dbusername&&md5 ($password==$dbpassword))
31. {
32. echo 'Successfully Logged in! <a href="member.php">Click here to enter the member page! </a>';
33. $_SESSION['username']=$username;
34.  
35. }
36. else
37. echo "Incorrect Password!";
38.  
39. }
40. else
41. die("That user does not exist!");
42.  
43. }
44.  
45. else
46. die("Please enter a username and a password");
47.  
48. ?>