It's pretty basic...
First, forget about the MySQL for a second. In the PHP, check that both the username and password fields on your HTML form have been filled in. There's no point querying the database if the user hasn't entered the relevant data.
-
$result;
-
$result = SQL QUERY ("SELECT id FROM users WHERE name = '".$_GET['xxx']."' AND passwd = '".$_GET['yyy']."'");
-
-
if ($result) {
-
//user is valid
-
} else {
-
// output error, bad username/pass
-
}
That's a very basic, quick way. You can expand on that, or even go about doing it an entirely different way. You should also strip special characters from the input before using them in queries, to prevent SQL Injection... so the method above isn't secure. 'xxx' and 'yyy' are the names of the input fields in your html, for username and password, respectively.
You could store the input in variables first, strip bad characters and then use those variables in the sql statement. Play around and experiment.