PHP MYSQLI login Allow capital letter -

this script work, if use capital letter user not work,

in database user name tom. , can login if use tom, tom not work. how can fix it?

<?php $username=$_post['username']; $password=md5($_post['password']); $login=$_post['login']; if(isset($login)){   $mysqli = new mysqli("localhost", "root", "tech112!", "ripper");   if ($mysqli->connect_errno) {     echo "failed connect mysql: " . $mysqli->connect_error;   }   $res = $mysqli->query("select * login username='$username' , password='$password'");   $row = $res->fetch_assoc();   $name = $row['name_login'];   $user = $row['username'];   $pass = $row['password'];   $rank = $row['type_login'];   if($user==$username && $pass=$password){     session_start();     if($rank=="2"){       $_session['mysesi']=$user;       $_session['rank']=$rank;       echo "<script>window.location.assign('index.php')</script>";     } else if($rank=="1"){       $_session['mysesi']=$user;       $_session['rank']=$rank;       echo "<script>window.location.assign('index.php')</script>";     }       }   }  ?> 

tom lammers

convert both database , $_post username lowercase , compare those. make username case insensitive.

$res = $mysqli->query("select * login lower(`username`)='".strtolower($username)."' , password='$password'"); 

and edit if compare lowercase username.

if(strtolower($user) == strtolower($username) && $pass=$password){ 

nb! query open sql injection, read this fix it.

to avoid sql injection, use bind_param.

/* code until query */  $stmt = $mysqli->prepare("select * login lower(`username`) = ? , password = ?");  // add variables safely $stmt->bind_param('ss', strtolower($username), $password);  $stmt->execute(); $result = $stmt->get_result(); $row = $result->fetch_assoc();  /* rest of code */