<?php include 'include/connection.php'; session_start(); if ($_SERV

1. <?php
2. include 'include/connection.php';
3. session_start();
4.  
5. if ($_SERVER["REQUEST_METHOD"] == "POST") {
6. $myusername = mysqli_real_escape_string($conn, $_POST['username']);
7. $mypassword = mysqli_real_escape_string($conn, $_POST['password']);
8.  
9. $sql = "SELECT id FROM userdata WHERE username = '$myusername' and password = '$mypassword'";
10. $result = mysqli_query($conn, $sql);
11. $row = mysqli_fetch_array($result, MYSQLI_ASSOC);
12. $active = $row['active'];
13.  
14. $count = mysqli_num_rows($result);
15.  
16. if ($count == 1) {
17. session_register("myusername");
18. $_SESSION['login_user'] = $myusername;
19.  
20. header ("location: index.php");
21. } else {
22. $error = "Your login name or password is invalid.";
23. }
24. }
25. ?>
26.  
27. <!DOCTYPE html>
28. <head>
29. <title>Fast Food Guru - Login</title>
30. <link rel="stylesheet" type"text/css" href="settings.css">
31. </head>
32.  
33. <html>
34. <body>
35.  
36. <form action="" method="POST">
37. <label for ="username">Username: </label><input type="text" name="username" id="username" required/><br />
38. <label for ="password">Password: </label><input type="password" name="password" id="password" required/><br />
39. <input type="submit" name="login" id="login" value="Login" />
40. </form>
41.  
42. </body>
43. </html>
44.  
45. <?php
46. $dbhost = "localhost";
47. $dbuser = "admin";
48. $dbpass = "password";
49. $dbname = "fastfoodguru";
50.  
51. $conn = new mysqli($dbhost, $dbuser, $dbpass, $dbname);
52.  
53. if ($conn->connect_error) {
54. die("Connection failed: " . $conn->connect_error);
55. }
56. ?>