login

1. <?php
2.  
3. $host="localhost"; // Host name
4. $username="root"; // Mysql username
5. $password=""; // Mysql password
6. $db_name="baza"; // Database name
7. $tbl_name="uporabnik"; // Table name
8.  
9. // Connect to server and select databse.
10.  
11. $con=mysqli_connect($host, $username, $password)or die("cannot connect");
12. mysqli_select_db($con,$db_name)or die("cannot select DB");
13.  
14. // username and password sent from form
15.  
16. $myusername=$_POST['enaslov'];
17. $mypassword=$_POST['geslo'];
18.  
19. // To protect MySQL injection (more detail about MySQL injection)
20. $myusername = stripslashes($myusername);
21. $mypassword = stripslashes($mypassword);
22. //$myusername = mysql_real_escape_string($myusername);
23. //$mypassword = mysql_real_escape_string($mypassword);
24.  
25. $sql="SELECT enaslov, geslo FROM uporabnik WHERE enaslov='$myusername' and geslo='$mypassword'";
26. $result=mysqli_query($con,$sql);
27.  
28. // Mysql_num_row is counting table row
29.  
30. $count=mysqli_num_rows($result);
31.  
32. // If result matched $myusername and $mypassword, table row must be 1 row
33.  
34. if($count==1){
35.  
36. // Register $myusername, $mypassword and redirect to file "login_success.php"
37.  
38. header("Refresh:1; url=prvastran.php";
39. }
40. else {
41. echo "Napačno uporabniško ime ali geslo";
42. }
43. ?>