<?php include '../connect.php';session_start();function clean($str) {

1. <?php
2.  
3. include '../connect.php';
4. session_start();
5.  
6. function clean($str) {
7. $str = @trim($str);
8. if(get_magic_quotes_gpc()) {
9. $str = stripslashes($str);
10. }
11. return mysqli_real_escape_string($str);
12. }
13.  
14. //Sanitize the POST values
15. $login = clean($_POST['username']);
16. $password = clean($_POST['password']);
17.  
18. //Input Validations
19. if($login == '') {
20. $errmsg_arr[] = 'Username missing';
21. $errflag = true;
22. }
23. if($password == '') {
24. $errmsg_arr[] = 'Password missing';
25. $errflag = true;
26. }
27.  
28. //If there are input validations, redirect back to the login form
29.  
30.  
31. //Create query
32. $qry="SELECT * FROM table_admin WHERE username='$login' AND password='$password'";
33. $result=mysqli_query($qry,$conn);
34.  
35. //Check whether the query was successful or not
36. if($result) {
37. if(mysqli_num_rows($result) > 0) {
38. //Login Successful
39. session_regenerate_id();
40. $member = mysql_fetch_assoc($result);
41. $_SESSION['SESS_MEMBER_ID'] = $member['id'];
42. $_SESSION['SESS_FIRST_NAME'] = $member['name'];
43. $_SESSION['SESS_LAST_NAME'] = $member['email'];
44. $_SESSION['SESS_PRO_PIC'] = $member['file'];
45. session_write_close();
46. header("location: index.php");
47. exit();
48. }else {
49.  
50. echo '<script language = "javascript">';
51. // echo "window.location.href='login.php'";
52. echo "alert('Something went wrong, Enter correct details');window.location.href='login.php'";
53. echo '</script>';
54. exit;
55. // echo "<script language = 'javascript'> alert('Wrong Details');'</script>";
56.  
57.  
58. }`enter code here`
59. }else {
60. die("Query failed");
61. }
62. ?>