PHPize Online / SQLize Online  /  SQLtest Online

<?php session_start(); ?> <?php include("include/header.php"); ?> <?php include('config.php');?> <?php if(isset($_SESSION["session_username"])){ header("Location: index.php"); } if(isset($_POST["login"])){ if(!empty($_POST['username']) && !empty($_POST['password'])) { $username=htmlspecialchars($_POST['username']); $password=htmlspecialchars($_POST['password']); $query=mysql_query("SELECT * FROM usertbl WHEREusername='".$username."' AND password='".$password."'"); $numrows=mysql_num_rows($query); if($numrows!=0) { while($row=mysql_fetch_assoc($query)) { $dbusername=$row['username']; $dbpassword=$row['password']; } if($username == $dbusername && $password == $dbpassword) { session_start(); $_SESSION['session_username']=$username; /* Перенаправление браузера */ header("Location: index.php"); } } else { echo "Неккоректное имя пользователя"; } } else { $message = "All fields are required!"; } } ?>