[Solved] error in mysql query string [closed]

Question

Let me convert your code to MySQLi at least. MySQL is already deprecated.

<?php

/* ESTABLISH CONNECTION */

$connect=mysqli_connect("YourHost","YourUsername","YourPassword","YourDatabase"); /* REPLACE NECESSARY DATA */

if(mysqli_connect_errno()){

echo "Error".mysqli_connect_error();
}

/* REPLACE THE NECESSARY POST DATA BELOW AND PRACTICE ESCAPING STRINGS BEFORE USING IT INTO A QUERY TO AVOID SOME SQL INJECTIONS */
$uname=mysqli_real_escape_string($connect,$_POST['username']);
$pass=mysqli_real_escape_string($connect,$_POST['password']);

$query = "SELECT * FROM `users` WHERE uname="$uname" AND pass="$pass"";
$result = mysqli_query($connect,$query); /* EXECUTE QUERY */

if(mysqli_num_rows($result)==0){ 
echo 'login failed';
var_dump($result);
}

else {
     while($row = mysqli_fetch_array($result)){
     echo $row['uname'];
     } /* END OF WHILE LOOP */
echo 'Successfully Logged-in.';
var_dump($query);
} /* END OF ELSE */

?>

Accepted Answer

Let me convert your code to MySQLi at least. MySQL is already deprecated.

<?php

/* ESTABLISH CONNECTION */

$connect=mysqli_connect("YourHost","YourUsername","YourPassword","YourDatabase"); /* REPLACE NECESSARY DATA */

if(mysqli_connect_errno()){

echo "Error".mysqli_connect_error();
}

/* REPLACE THE NECESSARY POST DATA BELOW AND PRACTICE ESCAPING STRINGS BEFORE USING IT INTO A QUERY TO AVOID SOME SQL INJECTIONS */
$uname=mysqli_real_escape_string($connect,$_POST['username']);
$pass=mysqli_real_escape_string($connect,$_POST['password']);

$query = "SELECT * FROM `users` WHERE uname="$uname" AND pass="$pass"";
$result = mysqli_query($connect,$query); /* EXECUTE QUERY */

if(mysqli_num_rows($result)==0){ 
echo 'login failed';
var_dump($result);
}

else {
     while($row = mysqli_fetch_array($result)){
     echo $row['uname'];
     } /* END OF WHILE LOOP */
echo 'Successfully Logged-in.';
var_dump($query);
} /* END OF ELSE */

?>