<?php $username = $_POST['username']; $password = $_POST['password'];

1. <?php
2. $username = $_POST['username'];
3. $password = $_POST['password'];
4.  
5. $username = stripcslashes($username);
6. $password = stripcslashes($password);
7. $username = mysql_real_escape_string($username);
8. $password = mysql_real_escape_string($password);
9.  
10. mysql_connect("localhost", "root", "");
11. mysql_select_db("login")
12.  
13. $result = mysql_query("select * from users where username = '$username' and password = '$password'")
14. or die("Failed to query database ".mysql_error());
15. $row = mysql_fetch_array($result);
16. if($row['username'] == $username && $row['password'] == $password && ("" !== $username || "" !== $password)) {
17. echo "Login Success! Welcome, ".$row['username'];
18. } else {
19. echo "Failed to Login!";
20. }
21. ?>