使用bootstrap模式和jquery时，mysql_fetch_array不起作用

I'm using ajax $.post method to send user and pass to my database and everything looks good but mysql_fetch_array does not fetch data from database. here is the jquery:

$(document).ready(function(){
    $('#but').click(function(){
        //$('#load').html('<strong>در حال ارسال پیام، لطفا منتظر باشید</script>');
    var pcode = $('#pcode').val();
    var pass = $('#pass').val();
    $.post('login_ajax.php',{php_pcode:pcode,php_pass:pass,su:"set"},function(data){$('#load').html(data);});
    });
});

and here is the php code:

<?php
if (isset($_POST['su'])) {
$pcode = $_POST['php_pcode'];
$pass = $_POST['php_pass'];
require_once('../inc/db.php');
$res = mysql_query("SELECT * FROM user WHERE pcode='$pcode' AND passs='$pass'");
$fe = mysql_fetch_assoc($res);
$co = mysql_num_rows($res);
if ($co == 1) {
    $_SESSION['pcode'] = $pcode;
    $_SESSION['pass'] = $pass;
    $_SESSION['firstname'] = $fe['firstname'];
    $_SESSION['lastname'] = $fe['lastname'];
    $_SESSION['sex'] = $fe['sex'];
    $_SESSION['level'] = $fe['level'];
        if ($_SESSION['level'] == 1) {
            header('location: admin_panel.php');
            }
        elseif ($_SESSION['level'] == 2) {
            header('location: elementary_panel.php');
            }
        elseif ($_SESSION['level'] == 3) {
            header('location: guidance_panel.php');
            }
        elseif ($_SESSION['level'] == 4) {
            header('location: highschol_panel.php');
            }
        elseif ($_SESSION['level'] == 5) {
            header('location: art_panel.php');
            }
        }
    elseif ($count==0){
        echo "کد کاربری اشتباه است";
                //$_SESSION['msg'] = "کد پرسنلی یا رمز عبور اشتباه است";
                //header('location: login.php');
    }
}

?>

You have multiple bugs:

1) Vulnerable to [SQL injection attacks(http://bobby-tables.com)
2) A total lack of error handling on your queries. Never assume success. Always assume failure and treat success as a pleasant surprise. Absolute bare-bones minimal "safe" coding would be something like:

$result = mysql_query($sql) or die(mysql_error());
                           ^^^^^^^^^^^^^^^^^^^^^^^

3) Using an obsolete/deprecated database interface (mysql_*() functions should NOT be used anymore)
4) Mis-matched variable names:

$co = mysql_num_rows($res);
 ^^---the count
if ($count == 1) {
     ^^^^^---where did this variable come from?

Since you're checking the wrong value, ALL of your $_SESSION building code will never ever get executed, so the entirety of your script is useless.

5) No call to session_start() anywhere, so your $_SESSION variables will be lost when the script exits.