prepare("SELECT * FROM login WHERE username= '$user' AND password= '$password'"); $result->bindParam(':hjhjhjh', $user); $result->bindParam(':asas', $password); $_SESSION['user']=$user; $result->execute(); $rows = $result->fetch(PDO::FETCH_NUM); if($rows > 0) { header("location:http://kavintechsolutions.com.sg/bparc/calendar/admin.php"); } else{ $errmsg_arr[] = 'Username and Password are not found'; $errflag = true; } if($errflag) { $_SESSION['ERRMSG_ARR'] = $errmsg_arr; session_write_close(); header("location:calendar/admin.php"); exit(); } } if(isset($_POST['regbtn'])){ $username=$_POST['username']; $password=$_POST['password']; $bdd->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); $sql = "INSERT INTO login (userName, password) VALUES ('$username', '$password')"; $sth = $bdd->query($sql); } ?>