Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- require_once("include/db_con.php");
- $myusername = $_POST['username'];
- $mypassword = $_POST['password'];
- $myusername = stripslashes($myusername);
- $mypassword = stripslashes($mypassword);
- $myusername = mysqli_real_escape_string($myusername);
- $mypassword = mysqli_real_escape_string($mypassword);
- $mypassword = md5(sha1($mypassword));
- $sql = "SELECT * FROM users WHERE username='$myusername' and password='$mypassword'";
- $result = mysqli_query($db_con,$sql);
- $count = mysql_num_rows($result);
- if ($count == 1) {
- session_start();
- $_SESSION['username'] = $myusername;
- header("location:staff.php");
- }
- else {
- header("location:staff.php?error=1");
- }
- ?>
Add Comment
Please, Sign In to add comment