// Better version of
http://pastebin.com/ut1Sh2sF
<?php
include ("./inc/template/header-index.php");
if(isset($_SESSION['username']))
{
header("Location: cpu.php");
}
$d =(isset($_GET['do']) && $_GET['do'] == 'check');
{
if(isset($_POST['username']) && isset($_POST['password']))
{
$uName = mysql_real_escape_string($_POST['username']);
$pWord = mysql_real_escape_string(md5($_POST['password']));
$aSQL = mysql_query("SELECT * FROM users WHERE username = '".$username."' AND password = '".$password."'") or die(mysql_error());
if(!mysql_num_rows($aSQL))
{
$error = "Enter you username and password to log in";
}else{
$_SESSION['username'] = true;
$_SESSION['password'] = $password;
header("Location: cpu.php");
}
}
?>
<?php if(isset($error)) { echo "".$error.""; } ?>
<form action="/index.php?do=check" method="post">
<input type="text" name="username" placeholder="Username" /><br>
<input type="password" name="password" placeholder="Password" /><br>
<input type="submit" name="login" value="Login" />
</form>