this is a login page. it returns 0 even the user and pass is right
session_start();
$conn = mysqli_connect('localhost','root','','script');
if (isset($_POST['sub'])) {
$user = $_POST['user'];
$pass = $_POST['pass'];
$result = mysqli_query($conn,'SELECT * FROM admin WHERE username = "$user" AND password = "$pass"');
echo mysqli_num_rows($result);
}
?>
`