php登录界面用户名和密码验证问题,这个代码是无论用户名和密码是什么都可以登录成功,怎么改成只有数据库用户表里的用户才能登录成功
<?php
if ($deng){
if($CheckCode!= $_SESSION['SafeCode']||empty($CheckCode)){
echo "<script>alert('校验码不正确!');window.location.href='index.php';</script>";
exit;
}
if(isset($_POST['admin_user']) || isset($_POST['admin_pass'])){
$conn=mysql_connect("localhost","root","root");
mysql_query("set names 'gb2312'");
mysql_select_db("biba",$conn);
$sql=mysql_query("select * from tb_admin where admin_user='{$_POST[admin_user]}'and admin_pass='{$_POST[admin_pass]}'",$conn);
if(!$result){
$_SESSION['admin_user']=$_POST['admin_user'];
$_SESSION['admin_pass']=$_POST['admin_pass'];
echo "<script>alert('管理员登录成功!');window.location.href='indexs.php';</script>";
}else{
echo "<script>alert('管理员登录失败!');</script>";
}
}
}
?>