//LOGGING IN-USER\\if(isset($_POST['action']) == "login"){ //Defining sp

1. //LOGGING IN-USER\\
2. if(isset($_POST['action']) == "login"){
3.      //Defining special variables (username and password)
4.      $username = strtolower(mysql_real_escape_string($_POST['username']));
5.      $password = mysql_real_escape_string($_POST['password']);
6.      
7.      
8.      //Getting Information
9.      $sql = mysql_query("SELECT * FROM `user` WHERE `Id`='$username'") or die(mysql_error());
10.      $sqlly = mysql_fetch_assoc($sql);
11.      $dbusername = strtolower($sqlly['Id']);
12.      $dbpassword = $sqlly['Password'];
13.      //Starting Verification Process
14.      if(!$password || !$username){die("<script>alert('Fill in all fields'); history.back();</script>");}
15.  
16.      if(!eregi("^[a-zA-Z0-9]*$", mysql_real_escape_string($_POST['username']))){
17.      die("<script>alert('Username must be alpha-numeric'); history.back();</script>");
18.      }
19.          
20.      if($username != $dbusername){die("<script>alert('Username not found'); history.back();</script>");}
21.     if($password != $dbpassword){die("<script>alert('Incorrect password'); history.back();</script>");}
22.          
23.      if (strlen($password)>16 || strlen($password)<4){die("<script>alert('Password must be between 4~16 characters'); history.back();</script>");}
24.      
25.      if (strlen($username)>16 || strlen($username)<4){die("<script>alert('Username must be between 4~16 characters'); history.back();</script>");}
26.     session_start();
27.      $_SESSION['user']=$username;
28.      }