function is_valid_user($username, $password)
{

$query = "select user_id, username from users
where username = '".$username."' and password = '".md5($password)."' limit 1";
$result = mysql_query($query);

$rows = mysql_num_rows($result);

if($rows > 0){
$data = mysql_fetch_assoc($result);
$_SESSION['username'] = $data['username'];
$_SESSION['logged_in'] = true;
return true;
}
else{
return false;
}

}

Advertisements