Untitled

<?php
    //Start the session
    session_start();

    //Get userName and Password from login form.
    if(isset($_POST['userName']) && $_POST['password']){
        $userName = $_POST['userName'];
        $password = $_POST['password'];
    }

    //Set strings for host, user, password and database name for access to
    //the database.
    $dbHost='localhost';
    $dbUser ='root';
    $dbPassword='';
    $dbName='DainDevOnline';

    //Connect to the database server.
    $dbCon = @mysql_connect($dbHost, $dbUser, $dbPassword);
        if(!$dbCon){
            echo("<p>Cannot conect to the database server.</p>");
            exit();
        }

    //Connect to the database.
    mysql_select_db($dbName, $dbCon);
    if(!@mysql_select_db($dbName)){
        echo("Cannot locate ".$dbName." database.</p>");
        exit();
    }
    //Query to see if userName and password match.
    $query_login = "SELECT * FROM user WHERE userName =
                    '$userName' AND password = '$password'";
    $result_login = mysql_query($query_login) or die
                    ("Cannot verify user because: ".mysql_error());

    //Verification of user login.
    if(mysql_num_rows($result_login)==1){
        $_SESSION = true;

        //Send user to logged in page.
        header('Location: welcome.php');
    }else{
        $oops = 'Ooops you enter something wrong.';

    }
    echo $oops;
?>