// Connect to server and select databse.mysql_connect("$host", "$username", "$

1. // Connect to server and select databse.
2. mysql_connect("$host", "$username", "$password")or die("cannot connect");
3. mysql_select_db("$db_name")or die("cannot select DB");
4.  
5. // username and password sent from form
6. $myusername=$_POST['myusername'];
7. $mypassword=$_POST['mypassword'];
8.  
9. // To protect MySQL injection (more detail about MySQL injection)
10. $myusername = stripslashes($myusername);
11. $mypassword = stripslashes($mypassword);
12. $myusername = mysql_real_escape_string($myusername);
13. $mypassword = mysql_real_escape_string($mypassword);
14. $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
15.  
16.  
17. // Mysqli_num_row is counting table row
18. $count=mysql_num_rows($result);
19.  
20. // If result matched $myusername and $mypassword, table row must be 0 row
21. if($count==1){
22.  
23. // Register $myusername, $mypassword and redirect to file "login_success.php"
24. session_register("myusername");
25. session_register("mypassword");
26. header("location:login_success.php");
27. }
28. else {
29. echo "Wrong Username or Password";
30. }
31. ?>