Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- if(isset($_POST['submit'])){
- $user = $_POST['username'];
- $pw = $_POST['password'];
- //include db connection
- include('db_config.php');
- if((empty($user)||(empty($pw));
- echo"missing information";
- }else {
- $user = strip_tags($user);
- $user = $mysqli->real_escape_string($user);
- $pw = strip_tags($pw);
- $pw = $mysqli->real_escape_string($pw);
- $pw = md5($pw);
- if ($result = $mysqli->query("SELECT user_id, username FROM user WHERE username='$user' AND password='$pw'");
- if($query->num_rows!=1){
- while ($row = $result->fetch_object()) {
- $_SESSION['userid'] = $row->userid;
- header('Location: index.php');
- exit();
- }
- }
- ?>
- <form action="userlogin.php"method="post">
- <label>username </label><input type="text"name="username"/>
- <label>Password </label><input type="password"name="password"/>
- <input type="submit"name="login"/>
- </form>
Add Comment
Please, Sign In to add comment
