Hello, I am trying to create a login and session script with PHP to use for SQL Server and I cannot get it to work. It seems like no matter what I put into the login form, as long as it validates it will work. I cannot figure out what is wrong with the code, however; I've just recently started using PHP and SQL Server and have not gotten the knowledge to figure out the problem for myself. If someone could help that would be great. Also, if you know any good tutorial sites that use SQL Server and PHP, could you please share, as there doesn't seem to be that many good tutorial sites for them, sadly. Any help is much welcomed at this stage. My main problem is that it isn't checking if the information posted in the HTML form exists in the database. (I have taken out the JS validation as it doesn't seem necessary; however, that works.)
Login.html
<form name="log" action="log_action.php" method="post">
Username: <input class="form" type="text" name="uNm"><br />
Password: <input class="form" type="password" name="uPw"><br />
<input name="submit" type="submit" value="Submit">
</form>
log_action.php
<?php
session_start();
$serverName = "(local)";
$connectionInfo = array("Database"=>"mydatabase","UID"=>"myusername", "PWD"=>"mypassword");
$conn = sqlsrv_connect( $serverName, $connectionInfo);
if( $conn === false){
echo "Error in connection.\n";
die( print_r( sqlsrv_errors(), true));
}
$username = $_REQUEST['uNm'];
$password = $_REQUEST['uPw'];
$tsql = "SELECT * FROM li WHERE uNm='$username' AND uPw='$password'";
$stmt = sqlsrv_query( $conn, $tsql, array(), array( "Scrollable" => SQLSRV_CURSOR_KEYSET ));
if($stmt == true){
$_SESSION['valid_user'] = true;
$_SESSION['uNm'] = $username;
header('Location: index.php');
die();
}else{
header('Location: error.html');
die();
}
index.php
<?php
session_start();
if(empty($_SESSION['valid_user'])){ // empty() also covers a session that has no valid_user key
header('Location: error.html');
die();
}
?>
Thank you for any help you guys might be able to bring.
The problem is that you never actually check the results of the query.
if($stmt == true) only checks that the query executed without errors – it says nothing about the results returned by the query.
Therefore, you need to use the sqlsrv_fetch function (or one of the related functions) to actually examine the result of the query.
In your particular case, simply checking if the result set has rows with sqlsrv_has_rows should be sufficient.
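An added example, not part of the original posts: one way to write log_action.php so that the login depends on a row actually being fetched. It goes beyond the fix described above by binding the username as a query parameter instead of building the SQL string from the request, and it assumes (this is not stated in the question) that the uPw column holds a password_hash() value rather than the plain password.

```php
<?php
// log_action.php, added example. Connection values are the placeholders from the question.
session_start();

$conn = sqlsrv_connect("(local)", array(
    "Database" => "mydatabase", "UID" => "myusername", "PWD" => "mypassword"
));
if ($conn === false) {
    // Keep driver errors in the server log instead of echoing them to the browser.
    error_log(print_r(sqlsrv_errors(), true));
    header('Location: error.html');
    exit;
}

// Read only POST data (the form uses method="post") and accept strings only.
$username = (isset($_POST['uNm']) && is_string($_POST['uNm'])) ? $_POST['uNm'] : '';
$password = (isset($_POST['uPw']) && is_string($_POST['uPw'])) ? $_POST['uPw'] : '';

// The ? placeholder is bound by the driver, so user input never becomes SQL text.
$tsql = "SELECT uNm, uPw FROM li WHERE uNm = ?";
$stmt = sqlsrv_query($conn, $tsql, array($username));

// A non-false $stmt only means the query ran. The row has to be fetched:
// sqlsrv_fetch_array() returns null when no row matched and false on error.
$row = ($stmt !== false) ? sqlsrv_fetch_array($stmt, SQLSRV_FETCH_ASSOC) : null;

// Assumption: uPw stores the output of password_hash().
$ok = is_array($row) && password_verify($password, (string)$row['uPw']);

if ($stmt !== false) {
    sqlsrv_free_stmt($stmt);
}
sqlsrv_close($conn);

if ($ok) {
    session_regenerate_id(true);      // issue a fresh session id at login
    $_SESSION['valid_user'] = true;
    $_SESSION['uNm'] = $row['uNm'];   // value from the database, not from the request
    header('Location: index.php');
} else {
    header('Location: error.html');
}
exit;
```

With the original plain-text uPw column, the same structure works if the password_verify() call is replaced by a comparison against the stored value, but the query should stay parameterized.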