I am writing a security check script, and using an include statement
on each of the pages that I am wanting it to check on. Below is the
code for the security script and include statement, can someone point
out what I am doing wrong.
Weeks
------------------- Include statement
<?php include("../Sec/secheck.php"); ?>
------------------- Security statement
<?php
$user_name = $_POST['user_name'];
$pword = $_POST['pword'];
include("../Connections/database.php");
$sql = "select user_name, pword, sec_level from tbl_logins where
user_name='$user_name' and pword='$pword'";
$result = mysql_query($sql, $DBconn);
$count = mysql_num_rows($result);
if($count==1){
session_start();
session_register("user_name");
session_register("pword");
session_register("sec_level");
header("location:../index.html");
}
else {
echo "Bad Username or Password";
}
?>
