Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- include("connection.php"); //Establishing connection with our database
- $error = ""; //Variable for storing our errors.
- if(isset($_POST["submit"]))
- {
- if(empty($_POST["username"]) || empty($_POST["password"]))
- {
- $error = "Both fields are required.";
- }else
- {
- // Define $username and $password
- $username=$_POST['username'];
- $password=$_POST['password'];
- // To protect from MySQL injection
- $username = stripslashes($username);
- $password = stripslashes($password);
- $username = mysql_real_escape_string($db, $username);
- $password = mysql_real_escape_string($db, $password);
- $password = md5($password);
- //Check username and password from database
- $sql="SELECT uid FROM users WHERE username='$username' and password='$password'";
- $result=mysql_query($db,$sql);
- $row=mysql_fetch_array($result,MYSQL_ASSOC);
- //If username and password exist in our database then create a session.
- //Otherwise echo error.
- if(mysql_num_rows($result) == 1)
- {
- $_SESSION['username'] = $username; // Initializing Session
- header("location: home.php"); // Redirecting To Other Page
- }else
- {
- $error = "Incorrect username or password.";
- }
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
