Querying PHPMYADMIN with two constraints

I am trying to create a login script that pulls inform开发者_高级运维ation by verifying that the username is part of a group. In other words i am using two "ands" to verify info. Am i doing this correctly?

 PHP:

$check = mysql_query("SELECT username ,password FROM customers WHERE username =                     '".$_POST['user_name']."' and group_name='".$group_name."'")or die(mysql_error());

Brandon Horsley and Matt Gibson already mentioned it as comments - think about SQL injection. Next thing is that I strongly don't recommend to use die(mysql_error()). Otherwise an experienced user might be able to "read something" out of that.
The easiest way is to use mysql_real_escape_string() (http://de.php.net/mysql_real_escape_string) - so you could adapt your code just like that (I assume that $group_name is also a value that can be manipulated by user):

<?php
// ...
$check = mysql_query("SELECT username, password FROM customers WHERE username = '". mysql_real_escape_string($_POST['user_name']) ."' and group_name = '". mysql_real_escape_string($group_name) ."'") or die('error);
// ...
?>