Please let me know anyone if thats not the correct way.
Code: Select all
if (!$result = @mysqli_query($link, 'SELECT * FROM users WHERE `username`=\'' . $user . '\' AND `password`=sha1(\'' . $pass . '\')')) {
echo getHeader();
echo '<div id=centreall><p>Error: ' . mysqli_error($link) . '.</p></div>';
echo getFooter();
exit;
}
$row_cnt = mysqli_num_rows($result);
if ($row_cnt >0) {
while ($row = mysqli_fetch_assoc($result)) {
$link=$row['link'];
}
$_SESSION['valid_user'] = $user;
$_SESSION['group'] = $link;
header ('location:' . $link . '.php5');
exit;
}