Untitled

<html>

<body>

<?php
$host="localhost";
$dbuser="admin";
$dbpass="admin";
$db="my_db";
$table="users";
$regdate=date("Y-m-d");


//brukernavn og passord sendt fra loginsiden
$username=$_POST['bruker'];
$pasword=$_POST['passord'];
$login=$_GET['login'];

session_start();

    if(isset($_SESSION['login']))
        {
            die("You are already logged in!"); //sjekker om du allerede er logget inn!
        }


    if($login=='ok'){

    //koble til database
    $con = mysql_connect($host, $dbuser, $dbpass)or die("cannot connect!");


    //velg database
    mysql_select_db("$db")or die("cannot select db! ");

    $get = mysql_query ("SELECT count(ID) FROM $table WHERE fornavn='$username' and etternavn='$pasword'") or die(mysql_error());
         $result=mysql_result($get,0) or die(mysql_error());

    mysql_close($con);

        if($result !=1) {
        echo 'login fail!';
        }
        else{

            $_SESSION['login']="ok";
            $_SESSION['navn'] = $_POST['bruker'];
            include("hemmelig.php");
        }

    }


if(!$con)
    {
    die('Could not connect: ' .mysql_error());
    }


?>

</body>

</html>