Simple login page

I am having a bit of trouble getting my password authentication to function for a page. Can anyone give me some advice what I am doing so wrong?

[php]<?php

mysql_connect(‘localhost’, ‘root’, ‘root’) or die(mysql_error());
mysql_select_db(‘test’) or die(mysql_error());

$username = $_POST[‘user’];
$password = $_POST[‘password’];

class login {

private $user;

function __construct($user) {
	$this->user = $user;
}

function getUser() {
	return $this->user;
}

function validateUser($password) {
	// query mysql to authenticate user

    $sql = "SELECT * FROM users";
    $run = mysql_query($sql);
    $row = mysql_fetch_array($run);
    
    if (mysql_num_rows($run) ==1) {
        $_SESSION['logged_in'] = true;
        $_SESSION['id'] = $row['id'];
        $_SESSION['name'] = $row['name'];
        
        return true;
        
        }else{
            return false;
        }
}

}

if ($_POST) {
$login = new login($_POST[‘user’]);
if ($login->validateUser($_POST[‘password’])) {
print 'Thanks for logging in ’ . $login->getUser() . '. Your email is: ’ . $email;
die();
} else {
print ‘Uhhh…something went wrong’;
}
}[/php]

hello tjaymz,
i think you code need to improve. In you code you did not checking the authentication.
i think you validateUser($password) function should be like this
function validateUser($username, $password) {
$sql = “SELECT * FROM users where username=’”.$username"’ and password=’".$password"’";
$run = mysql_query($sql);
$row = mysql_fetch_array($run);
if (mysql_num_rows($run) ==1)
{
$_SESSION[‘logged_in’] = true;
$_SESSION[‘id’] = $row[‘id’];
$_SESSION[‘name’] = $row[‘name’];
return true;

     }
	 else{
        return false;
     }

}

if ($_POST) {
$username = $_POST[‘user’];
$password = $_POST[‘password’];
$loginoj = new login($username);
if ($loginoj->validateUser($username, $password))
{
print 'Thanks for logging in ’ . $loginoj->getUser() . '. Your email is: ’ . $email;
die();
}
else {
print ‘Uhhh…something went wrong’;
}
}

i hope this will helpful for you.

SR