Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- ob_start();
- $host="localhost"; // Host name
- $username="sj"; // Mysql username
- $password="BLEEPS"; // Mysql password
- $db_name="sj_xbl"; // Database name
- $tbl_name="members"; // Table name
- // Connect to server and select databse.
- mysql_connect("$host", "$username", "$password")or die("cannot connect");
- mysql_select_db("$db_name")or die("cannot select DB");
- // Define $tag and $sjpass
- $tag=$_POST['tag'];
- $sjpass=$_POST['sjpass'];
- // To protect MySQL injection (more detail about MySQL injection)
- $tag = stripslashes($tag);
- $sjpass = stripslashes($sjpass);
- $tag = mysql_real_escape_string($tag);
- $sjpass = mysql_real_escape_string($sjpass);
- $sql="SELECT * FROM $tbl_name WHERE tag='$tag' and password='$sjpass'";
- $result=mysql_query($sql);
- // Mysql_num_row is counting table row
- $count=mysql_num_rows($result);
- // If result matched $tag and $sjpass, table row must be 1 row
- if($count==1){
- // Register $tag, $sjpass and redirect to file "login_success.php"
- $_SESSION['tag'] = $tag;
- session_register("sjpass");
- header("location:login_success.php?tag=$tag");
- }
- else {
- header("Location: login.php?m=Invalid+username+or+password");
- }
- ob_end_flush();
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement