diff --git a/threadr/login/redirect.php b/threadr/login/redirect.php
index a5d6838..c59d58b 100644
--- a/threadr/login/redirect.php
+++ b/threadr/login/redirect.php
@@ -5,7 +5,12 @@ $password = $_POST['password'];
 
 
 $pdo = new PDO('mysql:host=localhost;dbname=web', 'webstuff', 'Schei// auf Pa$$w0rter!');
-$statement = $pdo->prepare('SELECT id, name, authentication_algorithm, authentication_string FROM users;');
+$statement = $pdo->prepare('SELECT id, name, authentication_algorithm, authentication_string FROM users WHERE name = :username;');
 $result = $statement->execute(array('username' => $username));
-echo $result[0]['name'];
+if ($result) {
+  //existing user name
+  print_r($statement->fetch());
+} else {
+  //wrong user name
+}
 ?>