0

Here is the code in which I've been trying to create a login system with PHP and MySQL, but the if/else conditions are not working properly. I am giving correct values (which are stored in the database), but on executing it in the browser, it displays "Invalid email or password" instead of "Successful Login". Here is the code:

```php
<HTML>
<body>

<?php

$email = $_POST['email'];
$password = $_POST['password'];

echo "Email:".$email. " <br>";
echo "Password: ".$password;

mysql_connect("localhost","root","");
mysql_select_db("log");

$sql = mysql_query("SELECT * FROM `details` WHERE `Email` = '$email' AND `Password` = '$password'") or die("I am dead");
while($row = mysql_fetch_array($sql)){
    echo $row['Email']. " - ". $row['Password'];
    echo "<br />";
}

if ($row['Email'] == $email && $row['Password'] == $password){
    echo "Login Successfull" ;
}
else {
    echo "<br> Invalid Email or Password";
}

?>

</body>
</html>
```

  • Use `mysqli` instead of `mysql`. The problem is you are accessing the `$row` array outside the loop. – ASR Jun 10 '16 at 02:42
  • Are you storing the password in plain text? In addition to using `mysqli`, you also need to escape user inputs to prevent injection attacks. – Tristan Jun 10 '16 at 02:48
  • I wrote this [answer](http://stackoverflow.com/a/33665819) up. It is a good blueprint for it in mysqli and pdo. Unfortunately the gent was new to databases and it has 50 comments under it. Good luck! – Drew Jun 10 '16 at 04:47

2 Answers

0

Try using mysqli, as mysql is deprecated.

You don't need a loop here. Just check with `mysqli_num_rows`, like:

```php
if(mysqli_num_rows($sql) > 0){
  echo "Login Successfull" ;
}else {
  echo "<br> Invalid Email or Password";
}
```

ASR
0

I'm afraid I don't yet have the rep to add this as simply a comment and must therefore leave it as an answer. Your code, as written, is vulnerable to an SQL injection attack. If you're not familiar with that, there are some great videos on YouTube detailing what this means and how to protect your database. You must sanitize your code. Best of luck,

Jeremiah
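
An added example, not code from the question or from either answer: a login check that combines the points raised above (fetch the row once instead of reading `$row` after the loop, keep user input out of the SQL text, and store a password hash rather than plain text). Assumptions: PDO with an in-memory SQLite database stands in for the MySQL `details` table so the script runs offline, and the `PasswordHash` column, the function names and the sample account are constructed for illustration.

```php
<?php
// Added example. PDO + in-memory SQLite is an assumption made so this runs
// offline; prepared statements work the same way against MySQL.

function make_demo_db(): PDO {
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    // Hypothetical schema: only a hash is stored, never the password itself.
    $db->exec('CREATE TABLE details (Email TEXT PRIMARY KEY, PasswordHash TEXT NOT NULL)');
    $ins = $db->prepare('INSERT INTO details (Email, PasswordHash) VALUES (?, ?)');
    // Constructed sample account.
    $ins->execute(['alice@example.com', password_hash('correct horse', PASSWORD_DEFAULT)]);
    return $db;
}

function check_login(PDO $db, string $email, string $password): bool {
    // Hash used only when the email is unknown, so both paths do similar work.
    static $dummyHash = null;
    $dummyHash ??= password_hash('placeholder', PASSWORD_DEFAULT);

    // The placeholder keeps $email out of the SQL text: quotes in the input
    // are compared as data and cannot alter the query.
    $stmt = $db->prepare('SELECT PasswordHash FROM details WHERE Email = ?');
    $stmt->execute([$email]);

    // Fetch exactly once. In the question, the while loop had already run
    // until $row was false, so the later if statement could never match.
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false) {
        password_verify($password, $dummyHash);
        return false;
    }
    return password_verify($password, $row['PasswordHash']);
}

$db = make_demo_db();
// Constructed inputs: valid login, wrong password, quote-bearing email, unknown email.
$cases = [
    ['alice@example.com', 'correct horse'],
    ['alice@example.com', 'wrong'],
    ["alice@example.com' -- ", 'anything'],
    ['nobody@example.com', 'correct horse'],
];
foreach ($cases as [$email, $password]) {
    $ok = check_login($db, $email, $password);
    printf("%-26s %s\n", $email, $ok ? 'Login successful' : 'Invalid email or password');
}
```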