$db = mysqli_connect('localhost','root','','db_registerlogin'); if(isset($_P

1. $db = mysqli_connect('localhost','root','','db_registerlogin');
2.  
3. if(isset($_POST['login_btn'])){
4. session_start();
5. $email = mysqli_real_escape_string($db,$_POST['email']);
6. $password = mysqli_real_escape_string($db,$_POST['password']);
7. $password = md5($password);
8. $sql = "SELECT * FROM users WHERE email = '$email' AND password = '$password'";
9. $result = mysqli_query($db,$sql);
10. if(mysqli_num_rows($result)==1){
11. $user = mysqli_fetch_assoc($result);
12. $_SESSION['message'] = 'You are now logged in!';
13. $_SESSION['first_name'] = $user['first_name'];
14. $_SESSION['last_name'] = $user['last_name'];
15. header("location: home.php");
16. } else{
17. //failed
18. $_SESSION['error'] = 'Credentials didnot match!';
19. }
20. }