<?php
session_start();

$db_servername = 'localhost';
$db_login = '';
$db_password = '';
$db_name = '';

mysql_connect("$db_servername", "$db_login", "$db_password");
mysql_select_db("$db_name");

function filter($variable)
{
    if(get_magic_quotes_gpc())
        $variable = stripslashes($variable);

    return mysql_real_escape_string(htmlspecialchars(trim($variable))); 
}

if (isset($_GET['wyloguj'])==1) 
{
	$_SESSION['zalogowany'] = false;
	session_destroy();
}

if (isset($_POST['loguj'])) 
{
	
	if (mysql_num_rows(mysql_query("SELECT * FROM `users` WHERE `user_login`='$login' && `user_pass`='$password' && `aktywne`='1'")) > 0) 
	{
		$_SESSION['zalogowany'] = true;
		$_SESSION['login'] = $login;
	}
	else { echo "Wpisano zle dane lub konto nieaktywne."; }
}

if ($_SESSION['zalogowany']==true)
{
	echo "Zalogowano jako <b>".$_SESSION['login']."</b>"; echo '<a href="?wyloguj=1"> [Wyloguj]</a>';
	
}

if ($_SESSION['zalogowany']==false): ?>

<form method="POST" action="index.php">
<b>Login:</b> <input type="text" name="login"><br>
<b>Hasło:</b> <input type="password" name="password"><br>
<input type="submit" value="Zaloguj" name="loguj">
</form>

---------------------------------------------------

<form method="POST" action="rejestracja/index.php">
<input type="submit" value="Rejestracja nowego konta">
</form>

<?php 
endif;
mysql_close(); 
?>