pdo select
function login_user() { global $connection; if (isset($_POST['submit'])) { $username = $_POST['username']; $password = $_POST['password']; //$query = "SELECT * FROM users WHERE username = '{$username}' AND password = '{$password}'"; $query = "SELECT * FROM users WHERE username = ? AND password = ?"; $send_query = $connection->prepare($query); //$send_query->execute(array()); $send_query->execute(array($username, $password)); $send_query->setFetchMode(PDO::FETCH_ASSOC); i f (($send_query->rowCount()== 0)) { set_message("Password or Username are wrong"); redirect("login.php"); } else { set_message("Welcome to Admin {$username}"); redirect("admin"); } } }