Code: Select all
<?php
include_once 'connect.php';
session_start();
if (isset($_POST['submit']))
{
$player=$_POST['player'];
$password=$_POST['password'];
$player=strip_tags($player);
$password=strip_tags($password);
$query = "select name,password from players where name='$player' and password='".md5($_POST['password'])."'";
$result = mysql_query($query) or die("Could not query players");
$result2 = mysql_fetch_array($result);
if ($result2)
{
$_SESSION['player']=$player;
echo "<big>Logged in successfully<br>";
echo "<A href='index.php'>Continue</a></big>";
}
else
{
echo "<big>Wrong username or password.<A href='login.php'>Try Again</a></big>";
}
}
?>