When i try to log in into admin page it says "wrong password " but the password is correct


#1
<?php error_reporting(0); $connect = mysql_connect("localhost","root",""); $db = mysql_select_db("rmsdb"); $username = $_POST['username']; $password = md5($_POST['password']); $query = mysql_query("select * from user_accounts where username='".$username."'"); if(mysql_num_rows($query) > 0 ){ while ($row = mysql_fetch_assoc($query)) { if($row['password'] == $password){ if($row['status'] == 'Activated'){ if($row['type'] == 'Admin'){ session_start(); $_SESSION['id'] = $row['id']; $_SESSION['username'] = $row['username']; $_SESSION['password'] = $row['password']; $_SESSION['firstname'] = $row['firstname']; $_SESSION['lastname'] = $row['lastname']; $_SESSION['gender'] = $row['gender']; $_SESSION['address'] = $row['address']; $_SESSION['email'] = $row['email']; $_SESSION['contact'] = $row['contact']; $_SESSION['email'] = $row['email']; $_SESSION['secret_question'] = $row['secret_question']; $_SESSION['secret_answer'] = $row['secret_answer']; echo'

ወደ ADMIN ገጽ ገብተዋል!'; echo '

You are now Logged In!

'; }else{ session_start(); $_SESSION['id'] = $row['id']; $_SESSION['username'] = $row['username']; $_SESSION['password'] = $row['password']; $_SESSION['firstname'] = $row['firstname']; $_SESSION['lastname'] = $row['lastname']; $_SESSION['gender'] = $row['gender']; $_SESSION['address'] = $row['address']; $_SESSION['email'] = $row['email']; $_SESSION['contact'] = $row['contact']; $_SESSION['email'] = $row['email']; $_SESSION['secret_question'] = $row['secret_question']; $_SESSION['secret_answer'] = $row['secret_answer']; echo"

ወደ EMPLOYEE ገጽ ገብተዋል!

"; echo '

You are now Logged In!

'; } }else{ echo '

Sorry Your Account has been Deactivated!

'; } }else{ echo '

Wrong password!

'; } } }else{ session_destroy(); echo '

User not found!

'; } ?>