Need help to add value check from database

[nedim]

I want to add additional value check from database, field is  Scode from table Login, and if the value is true form pwd field and Scode (value in Scode isnt encoded, there are just numbers) then to continue with password change, this is my present php code:

<?php
function encode($password)
{
    $EncTable = array('!'=>'95', '"'=>'88', '#'=>'9D', '$'=>'4C', '%'=>'F2', 
'&'=>'3E', '\''=>'BB', '('=>'C0', ')'=>'7F', '*'=>'18', '+'=>'70', 
','=>'A6', '-'=>'E2', '.'=>'EC', '/'=>'77',
                        '0'=>'2C', '1'=>'3A', '2'=>'4A', '3'=>'91', 
'4'=>'5D', '5'=>'7A', '6'=>'29', '7'=>'BC', '8'=>'6E', '9'=>'D4', ':'=>'40', 
';'=>'17', '<'=>'2E', '='=>'CB', '>'=>'72', '?'=>'9C',
                        '@'=>'A1', 'A'=>'FF', 'B'=>'F3', 'C'=>'F8', 
'D'=>'9B', 'E'=>'50', 'F'=>'51', 'G'=>'6D', 'H'=>'E9', 'I'=>'9A', 'J'=>'B8', 
'K'=>'84', 'L'=>'A8', 'M'=>'14', 'N'=>'38', 'O'=>'CE',
                        'P'=>'92', 'Q'=>'5C', 'R'=>'F5', 'S'=>'EE', 
'T'=>'B3', 'U'=>'89', 'V'=>'7B', 'W'=>'A2', 'X'=>'AD', 'Y'=>'71', 'Z'=>'E3', 
'['=>'D5', '\\'=>'BF', ']'=>'53', '^'=>'28', '_'=>'44',
                        '`'=>'33', 'a'=>'48', 'b'=>'DB', 'c'=>'FC', 
'd'=>'09', 'e'=>'1F', 'f'=>'94', 'g'=>'12', 'h'=>'73', 'i'=>'37', 'j'=>'82', 
'k'=>'81', 'l'=>'39', 'm'=>'C2', 'n'=>'8D', 'o'=>'7D',
                        'p'=>'08', 'q'=>'4F', 'r'=>'B0', 's'=>'FE', 
't'=>'79', 'u'=>'0B', 'v'=>'D6', 'w'=>'23', 'x'=>'7C', 'y'=>'4B', 'z'=>'8E', 
'{'=>'06', '|'=>'5A', '}'=>'CC', '~'=>'62');

    $Encode = "0x";

    for ($i = 0; $i < strlen($password); $i++)
        $Encode .= $EncTable[$password[$i]];

    return $Encode;
}

function decode($password)
{
    $DecTable = array('95'=>'!', '88'=>'"', '9D'=>'#', '4C'=>'$', 'F2'=>'%', 
'3E'=>'&', 'BB'=>'\'', 'C0'=>'(', '7F'=>')', '18'=>'*', '70'=>'+', 
'A6'=>',', 'E2'=>'-', 'EC'=>'.', '77'=>'/',
                        '2C'=>'0', '3A'=>'1', '4A'=>'2', '91'=>'3', 
'5D'=>'4', '7A'=>'5', '29'=>'6', 'BC'=>'7', '6E'=>'8', 'D4'=>'9', '40'=>':', 
'17'=>';', '2E'=>'<', 'CB'=>'=', '72'=>'>', '9C'=>'?',
                        'A1'=>'@', 'FF'=>'A', 'F3'=>'B', 'F8'=>'C', 
'9B'=>'D', '50'=>'E', '51'=>'F', '6D'=>'G', 'E9'=>'H', '9A'=>'I', 'B8'=>'J', 
'84'=>'K', 'A8'=>'L', '14'=>'M', '38'=>'N', 'CE'=>'O',
                        '92'=>'P', '5C'=>'Q', 'F5'=>'R', 'EE'=>'S', 
'B3'=>'T', '89'=>'U', '7B'=>'V', 'A2'=>'W', 'AD'=>'X', '71'=>'Y', 'E3'=>'Z', 
'D5'=>'[', 'BF'=>'\\', '53'=>']', '28'=>'^', '44'=>'_',
                        '33'=>'`', '48'=>'a', 'DB'=>'b', 'FC'=>'c', 
'09'=>'d', '1F'=>'e', '94'=>'f', '12'=>'g', '73'=>'h', '37'=>'i', '82'=>'j', 
'81'=>'k', '39'=>'l', 'C2'=>'m', '8D'=>'n', '7D'=>'o',
                        '08'=>'p', '4F'=>'q', 'B0'=>'r', 'FE'=>'s', 
'79'=>'t', '0B'=>'u', 'D6'=>'v', '23'=>'w', '7C'=>'x', '4B'=>'y', '8E'=>'z', 
'06'=>'{', '5A'=>'|', 'CC'=>'}', '62'=>'~');


    for ($i = 0; $i < strlen($password); $i++)
{
	$Hex = sprintf("%02x", ord($password[$i]));
        $Decode .= $DecTable[strtoupper($Hex)];
}

    return $Decode;
}
function auth($ID, $PWD)
{
$connect = mssql_connect('10.0.0.1', 'SA', 'nedim');
$db = mssql_select_db('kal_auth', $connect);

$q = mssql_query("SELECT [PWD] FROM Login WHERE [iD] = '$ID'", $connect);
$r = mssql_fetch_array($q);
$pwd = decode($r['PWD']);

if($pwd == $PWD)
return true; 
else
	return false;
}

function change($ID, $PWD)
{
$connect = mssql_connect('10.0.0.1', 'SA', 'nedim');
$db = mssql_select_db('kal_auth', $connect);

$EPWD = encode($PWD);

mssql_query("UPDATE [Login] SET [PWD] = ".$EPWD." WHERE [iD] = '{$ID}'", 
$connect);
}

if( isset($_POST['change']) )
{
$id = $_POST['id'];
$oldpwd = $_POST['oldpwd'];
$pwd1 = $_POST['pwd1'];
$pwd2 = $_POST['pwd2'];

if($id == "")
{
	echo "Please type in your id!";
	return;
}

if($oldpwd == "")
{
	echo "Please type in your password!";
	return;
}

if($pwd1 == "")
{
	echo "Please type in your new password!";
	return;
    }
     if($sn == "")
{
	echo "Please type in your SN!";
	return;
}

if(auth($id, $oldpwd))
{
	if($pwd1 != $pwd2)
	{
		echo "Passwords do not match...";
	}
	else
	{
		change($id, $pwd2);
		echo "<font color=\"Red\"> Password changed successfully.. </font>";
	}
}
else
{
	echo "Wrong password...";
}


return;
}

?>

 

And this is HTML code:

 

<form action="" method="post">
  <label></label> 
  <p><label></label> 
  <table class="Grid" style="WIDTH: 350px" cellspacing="0" cellpadding="0" align="left" border="0">
    <tr>
      <td colspan="2"> </td>
    </tr>

    <tr>
      <td>
        <p align="left">ID:</p>
      </td> 
      <td>
        <p align="left"><input id="id" name="id"></p>

        <div align="center">
        </div>
      </td>
    </tr>

    <tr>
      <td>
        <p align="left"><label>Old password:</label></p>
      </td> 
      <td>
        <p align="left"><input id="oldpwd" type="password" name="oldpwd"></p>

        <div align="center">
        </div>
      </td>
    </tr>

    <tr>
      <td>
        <p align="left">New Password: </p>
      </td> 
      <td>
        <p align="left"><input id="pwd1" type="password" name="pwd1"></p>

        <div align="center">
        </div>
      </td>
    </tr>
<tr>
      <td>
        <p align="left"> New password agin</p>
      </td> 
      <td>
        <p align="left"><input id="pwd2" type="password" name="pwd2"></p>

        <div align="center">
        </div>
    <tr>
      <td>
        <p align="left"> Secret Number</p>
      </td> 
      <td>
        <p align="left"><input id="sn" type="text" name="sn"></p>

        <div align="center">
        </div>
      </td>
    </tr>

    <tr>
      <td colspan="2" height="50">
        <p align="left"><input class="Button" type="submit" value="Change Password" name="change"></p>

        <div align="center">
        </div>

        <tr>
          <td></td>
        </tr>
      </table>
      <p> </p>
    </form>

 

Im total beginner and this isnt my code but i will be grateful anyone that helps. Thank you.