0) {
header("Location:home.php");
}
if ($_POST) {
if ($_POST["username"] != "" && $_POST["password"] != "") {
$sql="SELECT * FROM users WHERE username='".$_POST["username"]."' AND password='".md5($_POST["password"])."'";
$rs = mysql_query($sql);
if (mysql_num_rows($rs) == 1) {
$user = mysql_fetch_assoc($rs);
$_SESSION["username"] = $user["username"];
$_SESSION["userid"] = $user["id"];
$_SESSION["name"] = $user["firstname"] . " " . $user["lastname"];
$_SESSION["status"] = $user["status"];
header("Location:home.php");
} else {
$errorMsg = "Your username/password is incorrect";
}
}
}
?>
Quoter
