Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- include("include/db_con.php");
- if (isset($_POST['username']) && isset($_POST['password'])) {
- $myusername = $_POST['username'];
- $mypassword = $_POST['password'];
- $myusername = stripslashes($myusername);
- $mypassword = stripslashes($mypassword);
- $myusername = mysql_real_escape_string($myusername);
- $mypassword = mysql_real_escape_string($mypassword);
- $sql="SELECT * FROM " . DB_NAME . "WHERE username='$myusername' and password='$mypassword'";
- result = mysql_query($sql);
- if (mysql_num_rows($result) == 1) {
- session_register('myusername');
- session_register('mypassword');
- header("location:staff.php");
- }
- else {
- header("location:staff.php?error=2");
- }
- }
- else {
- header("location:staff.php?error=1");
- }
- ?>
Add Comment
Please, Sign In to add comment