Public paste
Fix voor Erwin
By: Xmoo | Date: Mar 12 2009 11:41 | Format: PHP | Expires: never | Size: 1.29 KB | Hits: 556

  1. <?php
  2. $host = "localhost"; // Host name
  3. $username = "root"; // Mysql username
  4. $password = ""; // Mysql password
  5. $db_name = "intranet"; // Database name
  6. $tbl_name = "users"; // Table name
  7.  
  8. // Connect to server and select databse.
  9. mysql_connect("".$host."", "".$username."", "".$password."")or die("cannot connect");
  10. mysql_select_db("".$db_name."")or die("cannot select DB");
  11.  
  12. // username and password sent from form
  13. $myusername = $_POST['username'];
  14. $mypassword1 = $_POST['password'];
  15. $mypassword = md5($mypassword1);
  16.  
  17. // To protect MySQL injection
  18. $myusername = stripslashes($myusername);
  19. $mypassword = stripslashes($mypassword);
  20. $myusername = mysql_real_escape_string($myusername);
  21. $mypassword = mysql_real_escape_string($mypassword);
  22.  
  23. $sql="SELECT * FROM ".$tbl_name." WHERE username='".$myusername."' and password='".$mypassword."'";
  24. $result=mysql_query($sql);
  25.  
  26. // Mysql_num_row is counting table row
  27. $count=mysql_num_rows($result);
  28. // If result matched $myusername and $mypassword, table row must be 1 row
  29.  
  30. if($count==1){
  31. // Register $myusername, $mypassword and redirect to file "login_success.php"
  32. $_SESSION['myusername'] = $count->myusername;
  33. $_SESSION['mypassword'] = $count->mypassword;
  34. header("location:index.php");
  35. }
  36. else {
  37. echo "Wrong Username or Password";
  38. }
  39. ?>