Except that you'd want to (a) get the userid out of the query result set (you can't store the result set itself in a session - and incidentally, [man]mysql_query[/man] is deprecated), (b) check that you did get a result, and (c) have a plan of what to do if you don't get a result.
Usually you'd retrieve things like user id and user name from the database when you're looking at a login attempt and deciding whether or not it's successful. If it is, put the necessary data in the session (which would represent in the system the act of "logging the user in") and proceed with the application.