The login form is not working correctly, when I type Invalid credentials, It is still redirecting to account.php
<?php
include("dbsettings.php");
// Connect to server and select database.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// Get values from form
$charName=$_POST['charName'];
$charRace=$_POST['charRace'];
$charClass=$_POST['charClass'];
$charLvl=$_POST['charLvl'];
$prof1=$_POST['charprofession1'];
$prof2=$_POST['charprofession2'];
$email=$_POST['email'];
$password=$_POST['password'];
$pass2=$_POST['password2'];
$sql="select * from `" . $tbl_name . "` where `charName`='" . $charName . "' and `password`='" . $password . "' ";
$result=mysql_query($sql);
$_SESSION['charName'];
$_SESSION['password'];
if(!$result)
echo "Wrong Username or Password. Please try again.";
else {
echo '<META HTTP-EQUIV="Refresh" Content="0; URL=account.php">';
exit;
}
?>
<?php
include("dbsettings.php");
// Connect to server and select database.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// Get values from form
$charName=$_POST['charName'];
$charRace=$_POST['charRace'];
$charClass=$_POST['charClass'];
$charLvl=$_POST['charLvl'];
$prof1=$_POST['charprofession1'];
$prof2=$_POST['charprofession2'];
$email=$_POST['email'];
$password=$_POST['password'];
$pass2=$_POST['password2'];
$sql="select * from `" . $tbl_name . "` where `charName`='" . $charName . "' and `password`='" . $password . "' ";
$result=mysql_query($sql);
$_SESSION['charName'];
$_SESSION['password'];
if(!$result)
echo "Wrong Username or Password. Please try again.";
else {
echo '<META HTTP-EQUIV="Refresh" Content="0; URL=account.php">';
exit;
}
?>