public function login_student($student_id, $student_password) { if (empty($student_id) || empty($student_password)) { echo "Username or Password is invalid"; return false; } $student_id = stripslashes($student_id); $student_password = stripslashes($student_password); $student_id = mysql_real_escape_string($student_id); $student_password = mysql_real_escape_string($student_password); $student_password = sha1($student_password); $students_rec = mysql_query("SELECT * FROM " . $this->students_table . " where student_id = {$student_id};"); if (($obj = mysql_fetch_object($students_rec)) != NULL) { $student = new student($obj->student_id, $obj->user_name, $obj->user_password, $obj->change_password); if ($student->getUser_password() == $student_password) { echo "welcome " . $student->getUser_name(); return true; } else { echo "Wrong password"; return false; } } else { echo "No such user!"; return false; } }