<body class="login-body"> <div class="login-container"> <div id="login-form

1. <body class="login-body">
2. <div class="login-container">
3. <div id="login-form">
4. <h3>Login</h3>
5. <fieldset>
6. <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
7. <input name="username" type="text" maxlength="20" placeholder="Enter your provided username" required autofocus>
8. <input name="password" type="password" maxlength="25" placeholder="Enter your password" required>
9. <input type="submit" name="login" value="Login">
10. </form>
11. </fieldset>
12. </div>
13. </div>
14. </body>
15.  
16. <?php
17.  
18. } else {
19.  
20. $_username = $_POST['username'];
21. $_password = md5($_POST['password']);
22.  
23. if (!isset($_username) ||
24. !isset($_password) ||
25. !ctype_alnum($_username) ||
26. strlen($_username) > 10 ||
27. strlen($_username) <= 3 ||
28. strlen($_password) <= 3 ||
29. strlen($_password) > 16 ||
30. !ctype_alnum($_password)
31. ) {
32. header('Location: http://media1.mystcp.pw/');
33. }
34.  
35. $_username = mysqli_real_escape_string($_mysql, $_username);
36. $_password = mysqli_real_escape_string($_mysql, $_password);
37.  
38. $_username = addslashes($_username);
39. $_password = addslashes($_password);
40.  
41. $_beta_check = mysqli_query($_mysql, "SELECT * FROM users WHERE username='" . $_username . "';");
42. $_result = mysqli_fetch_assoc($_beta_check);
43.  
44. if ($_result['username'] == $_username && $_result['password'] == $_password) {