<?

php
if ($_REQUEST['Submit']){
$db=mysql_connect ("localhost", "root", "");
mysql_select_db ("alumni");
$username=$_REQUEST['username'];
$password=$_REQUEST['password'];
$Submit=$_REQUEST['Submit'];
//echo ($username.$password.$Submit);
echo("<br>Nama login ".$username." <br>");
$username= str_replace("'", "bengong", $username); // check ' ganti ngan perka
taan bengong
$username= str_replace("-", "bengong", $username); // check ' ganti ngan perka
taan bengong
$username= str_replace(" ", "bengong", $username); // check ' ganti ngan perka
taan bengong
echo("<br>Nama yang lepas check ".$username." <br>");

$sql = "select username, password from myuser where username = '$username' &&
password = '$password';";
echo("<br>".$sql." <br>");
mysql_query($sql);
$result=mysql_query ($sql,$db);
if ($myrow=mysql_fetch_array($result)) {
do {
echo("terima kasih kerana login ".$_REQUEST['username']
);
} while ($myrow=mysql_fetch_array($result));
} else {
echo "login salah<br>";
}

}else{
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.or

g/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Untitled Document</title>

</head>
<body><label></label>
<form id="form1" name="form1" method="post" action="">
<label>Username :
<input type="text" name="username">
</label><br />
<label>Password :
<input type="text" name="password">
</label><br />
<label>
<input type="submit" name="Submit" value="Login">
</label>
</form>
<p>&nbsp;</p>
</body>
</html>
<?php
}
?>
</body>
</html>