<?php require_once 'connection.php'; $data = new dataClass(); if (isset($_POST['action']) && !empty($_POST['action'])) { $action = $_POST['action']; switch ($action) { case 'checkLogin': $data->checkLogin(); break; } } //startPHP ////////////////// class dataClass { function checkLogin() { // username and password sent from form $myusername = $_POST['myusername']; $mypassword = $_POST['mypassword']; // To protect MySQL injection (more detail about MySQL injection) $myusername = stripslashes($myusername); $myusername = mysql_real_escape_string($myusername); $sql = "SELECT * FROM user WHERE username='******'"; $result = mysql_query($sql); $currentUser = mysql_fetch_array($result); $salt = $currentUser['salt']; $mypassword = stripslashes($mypassword); $mypassword = mysql_real_escape_string($mypassword); //$saltedMD5Pass = md5($mypassword . $salt);