ok, im guessing the main point is to check username/pw against a db? if so this should work:
<?
if($_POST['submit'])
{
mysql_connect(connection shit) or die("connection failed.");
mysql_select_db(db) or die("db selection failed.");
$query="SELECT * FROM Users WHERE Username=$_POST['username'] LIMIT 1";
$r=ql_query($query) or die("query failed.");
if($r && mysql_num_rows>0)
$data=mysql_fetch_array($r);
else
die("Error with db.");
$user=$_POST['username'];
$pass=$_POST['password'];
if($user==$data['user'] && md5($pass)==$data['pass'])
header("Location:successful_login_page");
else
header("bad_login_page");
}else{ // no post variables -> build form //
?>
<form action=<?=$PHP_SELF?> method=post>
Username: <input type=text name=username><br>
Password: <input type=password name=password><br>
<input type=submit name=submit value=" Login "><br>
<?
} // eof //
?>
that will work if:
db = Users
db_user_title=user
db_user_pass=pass
db_pass is saved with md5 encryption..
let me know how that works (it might have some parse errors cause i just did it here, but you get the general idea right?)
