<?php require('db.php'); session_start(); // If form submitted, insert

1. <?php
2. require('db.php');
3. session_start();
4. // If form submitted, insert values into the database.
5. if (isset($_POST['username']) && !empty($_POST['password'])){
6. $username = $_POST['username'];
7. $password = $_POST['password'];
8. $username = stripslashes($username);
9. $username = mysql_real_escape_string($username);
10. $password = stripslashes($password);
11. $password = mysql_real_escape_string($password);
12. //Checking is user existing in the database or not
13. $query = "SELECT * FROM `users` WHERE username='$username' and password='".md5($password)."'";
14. $result = mysql_query($query) or die(mysql_error());
15. $rows = mysql_num_rows($result);
16. if($rows==1){
17. $_SESSION['username'] = $username;
18. header("Location: index.php"); // Redirect user to index.php
19. }else{
20. echo "<div class='form'><h3>Username/password is incorrect.</h3><br/>Click here to <a href='login.php'>Login</a></div>";
21. }
22. }else{
23. }
24.  
25. ?>