<?php session_start();include_once ("common/connect.php");$email = $_POS

1. <?php
2. session_start();
3. include_once ("common/connect.php");
4.  
5. $email = $_POST ['email'];
6. $pass = $_POST ['pass'];
7.  
8. $query = "SELECT ID,email,password FROM users WHERE email = '$email' AND password = '$pass'";
9.  
10.  
11. if (!($mysql_rs = mysql_query($query, $conn)))
12.         die("WTF is wrong with the DB");
13.        
14. while ($row = mysql_fetch_array($mysql_rs, MYSQL_ASSOC)) {
15.     $user = $row["email"];
16.     $contra = $row["password"];
17.     $_SESSION["id"] = $row["ID"];
18. }
19.  
20. $id = $_SESSION["id"];
21. $query2 = "SELECT user_id, game_id FROM users_results WHERE user_id = 7 AND game_id = 48";
22.  
23. if (($user == $email) && ($contra == $pass)){
24.     if(mysql_num_rows($query2)){
25.         header("Location: user_results_table.php");
26.         exit;
27.     }else{
28.     header("Location: game_1.php");
29.     }
30. }else{
31.     die("you dont belong here");
32. }