Usernames and passwords are stored in an array in the check-login web page. The md5() function is used to calculate the MD5 hash of passwords.
Action page of login.php:
login_action.php
<?php // Array of users: username => password $users["admin"] = "21232f297a57a5a743894a0e4a801fc3"; $users["vadim"] = "1bbd886460827015e5d605ed44252251"; foreach($users as $name => $password) { if($name == $_POST["username"] && $password == md5($_POST["password"])) { // Username and password are correct header("Location: private.php"); die(); } } // Username and password are incorrect header("Location: login.php") ?>