Untitled

<?php
session_start();
$host="localhost"; // Host name
$username="root"; // Mysql username
$password=""; // Mysql password
$db_name="assignment"; // Database name


// Connect to server and select databse.
mysql_connect("$host", "$username", "$password","$db_name")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

// Define $myusername and $mypassword
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];


$sql="SELECT * FROM Member WHERE UserName='$myusername' AND Password='$mypassword'";
$result = mysql_query($sql);


// Mysql_num_row is counting table row
$count = mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row


if($count == 1){
$_SESSION['myusername'] = $_POST['myusername'];
$_SESSION['mypassword'] = $_POST['mypassword'];
 header( 'Location:LoginSucess.php' ) ;

}
else if($_REQUEST['myusername'] == "admin" && $_REQUEST['mypassword'] == "admin123") {
    session_register("myusername");
    session_register("mypassword");
 header( 'Location:admin.php' ) ;
}

echo "Wrong Username or Password";
echo "<br/><input type=button value='Back' onclick='javascript:history.go(-1);'>";


?>