<?php include 'config.php'; $session_username = $_SESSION['username'];

1. <?php
2.  
3. include 'config.php';
4.  
5. $session_username = $_SESSION['username'];
6.  
7. ?><html>
8. <head><title>Login Page</title>
9. <link href="login.css" rel="stylesheet" type="text/css" />
10. </head>
11. <body>
12. <div class="wrapper">
13. <div id="top">Online FM</div>
14. <div id="Box1">
15. <form action='index.php' method='POST'>
16. Username:
17.  
18. <input type='text' name='username'><p />
19. Password:
20.  
21. <input type='password' name='password'><p />
22. <input type='submit' name='login' value='Log in'>
23. </form>
24.  
25. <?php
26.  
27. if ($_POST['login'])
28. {
29. //get form data
30. $username = ($_POST['username']);
31. $password = ($_POST['password']);
32.  
33. if (!$username||!$password)
34. echo "Enter a username and password";
35. else
36. {
37. //log in
38. $login = mysql_query("SELECT * FROM users WHERE username='$username'");
39. if (mysql_num_rows($login)==0)
40. echo "No such user";
41.  
42. else
43. {
44. while ($login_row = mysql_fetch_assoc($login))
45. {
46. //get database password
47. $password_db = $login_row['password'];
48.  
49. //encrypt form password
50. $password = md5($password);
51.  
52. //check password
53. if ($password!=$password_db)
54. echo "Incorrect password.";
55. else
56. {
57. $_SESSION['username']=$username; //assign session
58. header("Location: index.php"); //refresh
59. }
60. }
61.  
62.  
63.  
64. }
65. }
66. }
67. else
68. {
69.  
70. if (isset($session_username))
71. {
72. header('Location: me.php');
73. }
74.  
75. }
76.  
77. ?>
78.  
79.  
80. <br />Don't have an account? <a href="register.html"><b>Register one today</b></a>.</div></div>
81. </body>
82. </html>