<?php$host="mysql504.ixwebhosting.com"; // Host name$username="C255502_Nitte

1. <?php
2. $host="mysql504.ixwebhosting.com"; // Host name
3. $username="C255502_Nitte"; // Mysql username
4. $password="xxxxxx"; // Mysql password
5. $db_name="C255502_NitteBlog"; // Database name
6. $tbl_name="user"; // Table name
7.  
8. // Connect to server and select databse.
9. mysql_connect("$host", "$username", "$password")or die("cannot connect");
10. mysql_select_db("$db_name")or die("cannot select DB");
11.  
12. // username and password sent from form
13. $myusername=$_GET['un'];
14. $mypassword=$_GET['pw'];
15.  
16.  
17. // To protect MySQL injection (more detail about MySQL injection)
18. $myusername = stripslashes($myusername);
19. $mypassword = stripslashes($mypassword);
20. $myusername = mysql_real_escape_string($myusername);
21. $mypassword = mysql_real_escape_string($mypassword);
22.  
23. $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
24. $result=mysql_query($sql);
25.  
26. // Mysql_num_row is counting table row
27. $count=mysql_num_rows($result);
28. // If result matched $myusername and $mypassword, table row must be 1 row
29.  
30. if($count==1){
31. // Register $myusername, $mypassword and redirect to file "login_success.php"
32. session_register("myusername");
33. session_register("mypassword");
34. header("location:user.php");
35. }
36. else {
37. header("location:index.html?success=0");
38. }
39. ?>