<?php

$host="localhost"; // Host name 
$username="root"; // Mysql username 
$password=""; // Mysql password 
$db_name="personal"; // Database name 
$tbl_name="registration"; // Table name 



// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");



// username and password sent from form 
$MyEmail=$_POST['MyEmail']; 
$MyPassword=$_POST['MyPassword']; 



// To protect MySQL injection (more detail about MySQL injection)
$MyEmail = stripslashes($MyEmail);
$MyPassword = stripslashes($MyPassword);
$MyEmail = mysql_real_escape_string($MyEmail);
$MyPassword = mysql_real_escape_string($MyPassword);

$sql="SELECT * FROM $tbl_name WHERE Email='$MyEmail' and Password='$MyPassword'";
$result=mysql_query($sql);



// Mysql_num_row is counting table row
$count=mysql_num_rows($result);

// If result matched $Myemail and $MyPassword, table row must be 1 row

if($count==1){

// Register $MyEmail, $MyPassword and redirect to file "login_success.php"

session_start();
$_SESSION['user_name']=$MyEmail;
$_SESSION['pwd']=$MyPassword;
//session_register("MyEmail");
//session_register("MyPassword"); 
header("location:ListData.php");
}
else {
echo "Wrong Username or Password";
}
?>