technical letter

Anon

<head>
</head>
<body bgcolor=\"lightblue\">
<form action=\"main1.php3\" method=\"post\">
<?
if ($submit)
{
$username=\"root\";
$hostname=\"localhost\";
$dbname=\"karthik\";

$passwrd=\"\";

$link=MYSQL_CONNECT($hostname, $username, $passwrd) OR DIE(\"Unable to connect to database\");

MYSQL_SELECT_DB(\"karthik\",$link) or die (\"Unable to select database\"); 

require \'vali.php3\';
$check=chknotmty($user_id,\"user_id\");
echo $check.\"<br>\";
if($check==1)
{

	$sql=\"select user_id,password from user_details where user_id=\'$user_id\'\";

	$result=mysql_query($sql);

	$row=mysql_fetch_Object($result);

		if($row->user_id==$user_id && $row->password==$password)
		{
			echo \" <center> welcome to our home page </center>\";
			echo \"<a href=\\\"main1.php3\\\">CLICKHERE </a>\";
			echo \"<strong><center><font color=\\\"black\\\">$user_id</font></center></strong>\"; 
		}	

}
else
{
		echo \"Sorry You are not a registered user \\n\";
	echo \"<a href=\\\"shop3.php3\\\">Back </a>\";
}

}

?>
</form>
</body>

Anon

sir

i am when user enters is user_id and different password for the next time it accepts and it is not taking proper password
where i am using mysql as backend