<?php ob_start(); include ('[connection].php'); #Connection# #mysql

1. <?php
2.     ob_start();
3.    
4.     include ('[connection].php');
5.  
6.     #Connection#
7.     #mysql_connect("$host","$user","$pass")or die("Could Not Connect");
8.     #mysql_select_db($db_name) or die("Could Not Select Database");
9.    
10.     #User / Pass (From Form)#
11.     $myuser=$_POST['[user]'];
12.     $mypass=$_POST['[pass]'];
13.    
14.     #MYSQL Anti-Injection#
15.     $myuser=stripslashes($[uservar]);
16.     $mypass=stripslashes($[passvar]);
17.     $myuser=mysql_real_escape_string($[uservar]);
18.     $mypass=mysql_real_escape_string($[passvar]);
19.    
20.     $sql="SELECT * FROM [table] WHERE [user]='$[uservar]' and [pass]='$[passvar]'";
21.     $result=mysql_query($sql);
22.     if(!$result){
23.         die("Error: " . mysql_error() . " Error number: " . mysql_errno());
24.     }
25.     #Number or rows counted#
26.     $count=mysql_num_rows($result);
27.     #For a match there must only be one#
28.     if($count==1){
29.         session_start();
30.         session_name('[name]');
31.         $_SESSION["[user]"]=$[uservar];
32.         $_SESSION["[pass]"]=$[passvar];
33.         session_id();
34.         header("location:[].php");
35.         }else{
36.             echo("Wrong Username or Password");
37.         }
38.     ob_end_flush();
39. ?>