PHP验证登录用户名和密码

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>无标题文档</title>
</head>

<body>
<form action="duixiangyingyong" method="post">
用户名：<input type="text" name="user"/><br>
<p></p>
密码：&nbsp;<input type="text" name="pass"/><br>
<input type="submit" name="sub" value="登录">
</form>
<?php

if(!isset($_POST['sub']))
{
exit('非法访问!');
}
else
{
check();
}

function check()
{
$con=mysql_connect("localhost","root","120911");
if(!$con)
{
die('连接失败：'.mysql_error);
}
mysql_select_db("mydb",$con);
$a=$_POST['user'];
$b=$_POST['pass'];
$sql=mysql_query("select*from Persons where FirstName='".$a."'and Age='".$b."'");

$info=mysql_fetch_array($sql);
if($info)
{
echo "<script>alert('登录成功')</script>>";
}
else
{
echo "<script>alert('登录失败')</script>>";
}
}

?>
</body>
</html>