Unity PHP login always returning true

Hello, I have a semi-working c# code that sends the user credentials to a php file which then sends the credentials to a database and returns a response. For some reason, it always returns login okay. Even if I purposely type in the wrong combo. Any help would be greatly appreciated.

C# File:

using UnityEngine;
using System.Collections;

public class Login : MonoBehaviour {

 public Texture LoginBackground;
 public Texture2D stylebackground;
 public GUIStyle LoginStyle;
 public GUIStyle LoginTextBox;
 public GUIStyle LoginButton;
 public string Username;
 public string Password;
 public float transparent;
 private string url;
 public WWW w;
 public WWWForm loginform;
 // Use this for initialization
 void Start () {
 LoginStyle.fontSize = 72;
 LoginStyle.alignment = TextAnchor.MiddleCenter;
 LoginTextBox.fontSize = 20;
 LoginTextBox.alignment = TextAnchor.MiddleCenter;
 LoginTextBox.normal.background = stylebackground;
 LoginButton.fontSize = 30;
 LoginButton.alignment = TextAnchor.MiddleCenter;
 url = "http://redlightlife.tk/scripts/checklogin.php";
 loginform = new WWWForm();
 }
 
 // Update is called once per frame
 void Update () {
 
 }
 
 void OnGUI() {
 GUI.backgroundColor = Color.black;
 GUI.DrawTexture(new Rect(0,0,Screen.width,Screen.height),LoginBackground,ScaleMode.StretchToFill, false, 0.0f);
 GUI.Label(new Rect(Screen.width/2-250,Screen.height/2-250,500,250),"Username:", LoginStyle);
 Username = GUI.TextField(new Rect(Screen.width/2-250,Screen.height/2-80,500,50), Username, 10, LoginTextBox);
 GUI.Label(new Rect(Screen.width/2-250,Screen.height/2-50,500,250),"Password:", LoginStyle);
 Password = GUI.TextField(new Rect(Screen.width/2-250,Screen.height/2+120,500,50), Password, 10, LoginTextBox);
 if (GUI.Button(new Rect(Screen.width/2-150,Screen.height/2+200,300,50),"Login:", LoginButton))
 {
 //CheckLogin();
 StartCoroutine(CheckLogin());
 }
 }
 
 IEnumerator CheckLogin()
 {
 loginform.AddField("username", Username);
 loginform.AddField("password", Password);
 w = new WWW(url,loginform);
 yield return w;
 Debug.Log("Downloaded");
 if (w.error != null)
 {
 print(w.error);
 }
 else
 {
 print("Login Okay");
 string formText = w.text;
 w.Dispose();
 Debug.Log(formText);
 }
 }
}

PHP File:
<?php
function main($formUse = true)
{
$link = mysql_connect(‘bondsolutionsnjcom.fatcowmysql.com’, ‘lightswitch’, ‘password’);
if (!$link) {
die('Could not connect: ’ . mysql_error());
}
echo ‘Connected successfully’;
mysql_select_db(red_light_life_accounts1);

// This could be supplied by a user, for example
$username;
$password;

if(!$username || !$password) {

    echo "Login or password cant be empty.";

} else {

    $SQL = "SELECT username,password FROM accounts WHERE username = '" . $username . "' & password = '" . $password . '"';

        $result_id = @mysql_query($SQL) or die("DATABASE ERROR!");

        $total = mysql_num_rows($result_id);

        if($total) {

            $datas = @mysql_fetch_array($result_id);

            if(!strcmp($pass, $datas["password"])) {

                echo "Success";

            } else {

                echo "Username or password is wrong.";

            }

        } else {

            echo "Data invalid - cant find username.";

        }

    }
 }

// Close mySQL Connection
 
mysql_close();
?>

it would appear the that you have is w.error = false ; login was succeful, what u should do is if w.error = false; does w.data contain “Success” ; as success is what u write if everything went well, otherwise display message that was replied such as “data invalid”;

so what u want is if(w.error …) { … } else { if(w.text.Contains(“Success”)) { Debug.Log(" LOgIN WAS GEWED"); } else { DEBUG.LOG(w.text); } }

that should fix the problem, sory, just some peusdo logic not actually gonna do everything for u… btw, the reason im checking if w.text contains success, is because in ur Php u have if mysql_num_rows > 0; login was good, and u echo “Success”;

otherwise u echo failure messages…

mysql_select_db(red _ light _ life _ accounts1);

Absolutely HAS to be

mysql_select_db('red _ light _ life _ accounts1');

This

$SQL = "SELECT username,password FROM accounts WHERE username = '" . $username . "' & password = '" . $password . '"';

Needs to be(Well, should be, to be properly formatted.)

$SQL = "SELECT * FROM accounts WHERE username = '$username' AND password = '$password';

This doesn’t make sense.

$total = mysql_num_rows($result_id);

        if($total) {

You’re saying “If num_rows is true” which isn’t a valid conditional. It needs to be

$total = mysql_num_rows($result_id);

        if($total >= 1) {

Or you could take the opposite approach,

$total = mysql_num_rows($result_id);

        if($total !== 0) {

This one’s kind of close, but still missing something.

if(!strcmp($pass, $datas["password"])) {

                echo "Success";

            }

You’re saying “If userinput varchar is greater than pulled varchar” this needs to be

$datas = @mysql_fetch_array($result_id);

 $count = strlen($password);
 $count2 = strlen($datas['password']);
 
            if(!strcmp($count, $count2) {

                echo "Success";

            }

As for your programming, I can’t tell you what’s wrong, if anything.

Here is my updated code. It still does not work. Any help would be greatly appreciated. To make it easier I linked to paste bin.

Unity Code:
Pastebin Link for Unity Code
PHP Code:
Pastebin Link for PHP Code