Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- include("login.php");
- $host="localhost";
- $username ="root";
- $password="";
- $db_name="users";
- $tbl_name="users_info";
- mysql_connect("$host","$username",$password)or die(mysql_error());
- mysql_select_db("$user_info")or die("mysql_error());
- // you should really filter these
- $myusername=$_GET['FirstName'];
- $mylastname=$_GET['LastName'];
- // I don't see where you actually verify the username and password....
- // I mean, you got the correct sql for it, however, you don't actually verify the
- // results anywhere.
- $sql="Select * FROM $tbl_name WHERE username='$username' and password='$mylastname'";
- $result=mysql_query($sql)";
- session_register("myusername");
- session_register("mypassword");
- }
- else {
- echo "$mysql_error()";
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement