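//=======THIS IS THE FUNCTION FROM THE PHP MANUAL
/**
 * Prepare a value for interpolation into a MySQL statement.
 *
 * Genuine int/float values are returned untouched. Every string, including a
 * numeric-looking one, is escaped with mysql_real_escape_string() and wrapped
 * in single quotes.
 *
 * The manual's version left anything is_numeric() accepted unquoted. Request
 * data always arrives as strings, so a numeric-looking username or password
 * reached the query as a bare number, and MySQL then compares the string
 * column numerically, which is much looser than string equality.
 *
 * @param mixed $value Value destined for the SQL text.
 * @return mixed The unchanged number, or the escaped and quoted string.
 */
function quote_smart($value)
{
    // Real numbers cannot carry quote characters; keep them bare for callers
    // that pass actual ints or floats.
    if (is_int($value) || is_float($value)) {
        return $value;
    }

    // Undo magic_quotes_gpc so the value is not escaped twice.
    if (get_magic_quotes_gpc()) {
        $value = stripslashes($value);
    }

    return "'" . mysql_real_escape_string($value) . "'";
}
//=======END OF FUNCTION FROM THE PHP MANUAL

//Connect to database
// NOTE(review): this connects as root with an empty password; a dedicated
// account limited to the tables this page needs would reduce the impact of
// any query-level flaw.
// NOTE(review): ext/mysql was removed in PHP 7. When this page is migrated,
// use mysqli or PDO prepared statements instead of building the SQL string.
$connect = mysql_connect("localhost", "root", "");
if (!$connect) {
    // Keep the driver's error text in the server log; it was previously sent
    // to the client.
    error_log(mysql_error());
    die("Problem with database.");
}

$choose = mysql_select_db("test", $connect);
if ($choose) {
    $loggedIn = false;

    if (isset($_POST["submit"])) {
        $rawUsername = isset($_POST["username"]) ? $_POST["username"] : null;
        $rawPassword = isset($_POST["password"]) ? $_POST["password"] : null;

        // A missing field or an array-valued field cannot be a valid
        // credential; reject it instead of passing it to the string functions.
        if (!is_string($rawUsername) || !is_string($rawPassword)) {
            echo "Wrong username or password";
        } else {
            // Pass the input through the sanitising helpers.
            // NOTE(review): htmlspecialchars() is an HTML-output defence and
            // adds nothing against SQL injection. It is kept only because the
            // stored values may have been written with the same transform.
            // TODO confirm against the registration code.
            $username = quote_smart(htmlspecialchars($rawUsername));
            $password = quote_smart(htmlspecialchars($rawPassword));

            // Ask the database whether this user exists.
            // NOTE(review): the submitted password is compared directly with
            // the stored column, so the column presumably holds it unhashed.
            // Store password_hash() output and check it with password_verify().
            $SQL = "SELECT * FROM members WHERE username=$username AND password=$password";
            $result = mysql_query($SQL);

            if ($result) {
                // Count rows only after the query is known to have succeeded;
                // mysql_num_rows() must not be handed a failed result.
                $numrows = mysql_num_rows($result);

                // The user exists.
                if ($numrows == 1) {
                    // "Remember me" keeps the cookies for a year; otherwise
                    // they last until the browser closes.
                    $expires = isset($_POST["rememberme"]) ? time() + 60 * 60 * 24 * 365 : 0;

                    // NOTE(review): these cookies hold the SQL-quoted username
                    // and an unsalted MD5 of the quoted password, a long-lived
                    // password equivalent kept on the client. Replace them with
                    // a server-side session or a random, revocable token. The
                    // values are unchanged here because page1.php, which
                    // presumably reads them, is not visible.
                    //
                    // The path was previously a full URL, which is not a valid
                    // cookie path. Browsers that follow RFC 6265 ignore such a
                    // value and use the default path, so it is omitted here.
                    // HttpOnly keeps the cookies away from page scripts. Set
                    // the secure flag to true once the site is on HTTPS.
                    setcookie("username", $username, $expires, "", "", false, true);
                    setcookie("password", md5($password), $expires, "", "", false, true);
                    $loggedIn = true;
                }
                // The user does not exist.
                else {
                    echo "Wrong username or password";
                }
            }
            // Database problem, wrong table or similar.
            else {
                echo "Problem with database.";
            }
        }
    }

    mysql_close($connect);

    if ($loggedIn) {
        header("Location:page1.php");
        // Stop here so nothing further runs after the redirect is sent.
        exit;
    }
} else {
    echo "Error with databse.";
}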