Untitled

<?php
session_start();
$user = $_POST['txtuser'];
$PWD = $_POST ['txtpassword'];
$con = @mysql_connect("localhost","root","root");
if (!$con)
{
  die('Could not connect: ' . mysql_error());
}
mysql_select_db("cs3b", $con);
$result = mysql_query("SELECT * FROM account WHERE username='$user' and password='$PWD'");
$found = mysql_num_rows($result);
if ($found) {

        $_SESSION["accessed"] = 1;
        echo "<center><h1>access granted.</h1></center>";
                echo "<script> location.href='index.php';</script>";
    } else {
        $_SESSION["accessed"] = 0;
                 echo "<center><h1>Unknown User.<a href='login.html'>Try Again?</a></h1></center>";
        die ("<center><h2>access denied</h2></center> ");
}
mysql_close($con);

?>