$sql = "SELECT username, password FROM faculty WHERE username = $user AND password = $pass";
If you don't put the variables in the SQL-Statements into quotes, they are used as column names. It should be something like this:
$sql = "SELECT username, password FROM faculty WHERE username = \"$user\" AND password = \"$pass\"";
|