Regarding Login using PHP/MSSQL

[hours12]

May I know how come my code can't work. I've check a few times. It doesn't have any Error Message. Please Help, people...

 

<?php

if(isset($_POST["loginid"])

{

$passwordvar = $_POST["password"];

$loginidvar = $_POST["loginid"];

 

 

//connects to MSSQL

mssql_connect('172.20.129.172','sa','scs');

$sql = "SELECT name_db FROM tb_Login WHERE username = '"+$loginidvar+"' and password='"+$passwordvar+"'";

$result = mssql_db_query ("tb_Login",$sql);

$row = mssql_fetch_array($result);

 

 

$myRows = mssql_num_rows($sql);

            if ($myRows == 0) {

            die ('That user does not exist in our database.');

}

while($info = mssql_fetch_array( $sql ))

{

$_POST['passwordvar'] = stripslashes($_POST['passwordvar']);

$info['password'] = stripslashes($info['password']);

$_POST['passvar'] = md5($_POST['passvar']);

//give error if password is wrong

 

if ($_POST['passwordvar'] != $info['password']) {

die('Incorrect password, please try again.');

}

else

{

// if login is ok then we add a cookie

 

$_POST['loginid'] = stripslashes($_POST['loginid']);

 

 

$hour = time() + 3600;

setcookie(loginid, $_POST['loginid'], $hour);

setcookie(password, $_POST['password'], $hour);

 

//then redirect them to the members area

header("Location: frameset.html");

}

}

 

} else {

 

// if they are not logged in

?>

<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">

<table border="0">

<tr><td colspan=2><h1>Login</h1></td></tr>

<tr><td>Username:</td><td>

<input type="text" name="username" maxlength="40">

</td></tr>

<tr><td>Password:</td><td>

<input type="password" name="pass" maxlength="50">

</td></tr>

<tr><td colspan="2" align="right">

<input type="submit" name="submit" value="Login">

</td></tr>

</table>

</form>