<?php# include .php file of connectioninclude_once ("connection.php");if($

1. <?php
2. # include .php file of connection
3. include_once ("connection.php");
4. if($_SERVER['REQUEST_METHOD'] == 'POST') {
5. $log_username = $_POST['log_username'];
6. $log_password = $_POST['log_password'];
7. $log_username = stripslashes($log_username);
8. $log_password = stripslashes($log_password);
9. $log_password = md5($log_password);
10. $log_admin_query = "SELECT username, password
11. FROM admin
12. WHERE username = '$log_username' AND password = '$log_password' LIMIT 1";
13. $log_result = mysql_query($log_admin_query);
14. $log_check = mysql_num_rows($log_result);
15. if (count($log_check == 1)) {
16. session_start();
17. $_SESSION['logged_in'] = true;
18. $_SESSION['username'] = $log_username;
19. echo "You are logged in, " . $log_username;
20. ?>
21. <form name="logout_form" method="post" action="logout.php">
22. <table>
23. <tr>
24. <td>Username: <?php echo $log_username; ?></td>
25. <tr/>
26. <tr>
27. <td><input type="submit" name="log_out" value="log out"></td>
28. </tr>
29. <?php
30. } else {
31. echo "Invalid username or password";
32. }
33. } else {
34.  
35. # if someone try to open login.php only tells them to use form
36. echo "You must login over form, click <a href=\"form.php\">here</a> to to login";
37. }
38. mysql_close();
39. ?>