Untitled

<?php
session_start();
require_once("include/database.php");

if (isset($_POST['submit'])) {
    $errMsg = '';
    //username and password sent from Form
    $username = $_POST['user_login'];
    $password = $_POST['user_password'];

    if ($username == '') {
        $errMsg .= 'You must enter your Username<br>';
    }

    if ($password == '') {
        $errMsg .= 'You must enter your Password<br>';
    }


    if ($errMsg == '') {
        $records = $db->prepare('SELECT user_id ,user_login ,user_password FROM users WHERE user_login = :username');
        $records->bindParam(':username', $username  );
        $records->execute();
        $results = $records->fetch(PDO::FETCH_ASSOC);
        if (count($results) > 0 && password_verify($password, $results['user_password'])) {
            $_SESSION['user_login'] = $results['user_login'];
            header('location:test.php');
            exit;
        } else {
            $errMsg .= 'Username and Password are not found<br>';
        }
    }
}
?>