Help

2:49:17 PM
mysql_connect('localhost',$user,$pass);
mysql_select_db($dbname);
$var = 'SELECT Username FROM Users WHERE Username=$username AND Password=$password';

if(!$var)
{
return FALSE;
}
else
{
return TRUE;
}

mysql_close();
}

Code (markup):

What does that always return TRUE?

 

Because $var is a filled string, you forgot to execute it, mysql_query.
Sometimes happens to me then i code 6-7 hours ^^
don't forget to validate user input.

 

You could compress and optimize the code by weeding out unnecessary or unneeded steps. simply return

return $var.

 

@Traffic-Bug: This will not work very well because you can't check SELECT query on true or false, because value which contains query will be equal to something like this: "Resource id #101".
You need to use mysql_num_rows to determine true or false.