maybe worth a look thanks
Some problems with your code.
One send the number from the app to the php code don't check this in ams as this will be bypassed very easy, people will just spoof the return or create a fake function to mimic yours always do the checking on the php side then return if it passes or not, also your db is not protected from mysql interjection.
Nice tutorial but its floored and I would say for safety reasons not to do this but if you adapted this to maybe download part of the file or app then this might become useful, but remember AMS is plain text within memory so it can been viewed by any memory monitor or hex editor, bypassing a user code system would be a child's play.
Sorry for the english I can't get yahoo's babel fish to work today.
Ways to stop a memory view of whats happing is make a plugin but remember these can be decompiled but this would not put the source code in to the live memory just the functions and action done by the plugin.
But all that said for a simple how 2 for new comers on how to return data from a mysql I guess this is a helpful video, just need to make it safer.