hello guys.. this week i've been practicing how to create a system using php. but im stack in the area wherein you are going to authenticate username and password. can you help me guys to figure out how to solve my problem?

here is my code:

// we must never forget to start the session
session_start();

$host="localhost"; // Host name
$dbusername="root"; // Mysql username
$dbpassword=""; // Mysql password
$db_name="STUDENT"; // Database name
$tbl="account"; // Table name



// This connects to server and then SELECTS the members databse.

mysql_connect("$host", "$dbusername", "$dbpassword")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

$txt = 'Account Authentication';

$errorMessage = '';
if (isset($_POST['username']) && isset($_POST['password'])) {


$username = $_POST['username'];
$password = $_POST['password'];

// check if the user id and password combination is correct
$sql = ("SELECT id, username, PASSWORD
FROM account
WHERE username = '".mysql_real_escape_string($_POST['username'])."'");


$result = mysql_query($sql)
or die('Query failed. ' . mysql_error());

echo mysql_num_rows($result);

if (mysql_num_rows($result) == 1) {
// the user id and password match,
// set the session
$_SESSION['db_is_logged_in'] = true;

// after login we move to the main page
header('Location: main.php');
exit;

}
else {
$errorMessage = 'Username and Password not FOUND!';
}

}
?>





Account Authentication

Is the name for the password field PASSWORD or password?


the name of the password field is password...