Quote:
I was tried some code it does not work.
"It doesn't work" is probably the most useless problem report we get - and we get it a lot. It tells us nothing about what is happening, or when it happens.
So tell us what it is doing that you didn't expect, or not doing that you did.
Tell us what you did to get it to happen.
Tell us any error messages.
In this case, all you check for is that the username and password as entered by the user are no blank - you need to actually confirm that the password he entered matches the information stored in the DB for that specific username.
But that's not as simple as "is it the same?" becuas etehre are a lot of complications here, including some legal restrictions which could easily bankrupt you if you aren't careful enough because you have to store passwords in a "safe form". There is some information on how to do it here:
Password Storage: How to do it.[
^] - the code examples are all in C#, but the principle is the same in whatever language, so get the idea straight in your head, then google for PHP and password hashing and you should find loads of examples.
Just remember: this is web based so if you have any European Union users then GDPR applies and that means you need to handle passwords as sensitive data and store them in a safe and secure manner. Text is neither of those and the fines can be .... um ... outstanding. In December 2018 a German company received a relatively low fine of €20,000 for just that.