Untitled

<?php

    $host="xxxxx"; // Host name
    $username="xxxxx"; // Mysql username
    $password="xxxxx"; // Mysql password
    $db_name="xxxxx"; // Database name
    $tbl_name="userDetails"; // Table name

    // Connect to server and select databse.
    mysql_connect("$host", "$username", "$password")or die("cannot connect");
    mysql_select_db("$db_name")or die("cannot select DB");

    // username and password sent from form
    $Username=$_POST['Username'];
    $Password=$_POST['Password'];


    $Username = stripslashes($Username);
    $Password = stripslashes($Password);
    $Username = mysql_real_escape_string($Username);
    $Password = mysql_real_escape_string($Password);
    $query="SELECT * FROM $tbl_name WHERE Username='$Username' AND      Password='$Password'";
    $result=mysql_query($query);
    //$row = mysql_fetch_array($result);
    //=mysql_query($sql);

    // Mysql_num_row is counting table row
    //$count=mysql_num_rows($result);

    // If result matched $Username and $Password, table row must be 1 row
    //if ( $row['Username'] == $Username &&  $row['Password'] == $Password )
    if ($result)
    {
    // Register $Username, $Password and redirect to file "success.php"
    session_register("Username");
    session_register("Password");
    session_start();
    $_SESSION['login_user']= $Username;  // Initializing Session with value of   PHP Variable
    echo $_SESSION['login_user'];
    echo "you are now logged in";
    header("Refresh:0; url=index.html");
    //header("location:success.php");
    }

    else {
    echo "Wrong Username or Password";

    }

    ob_end_flush();
    ?>