Untitled

<?php

$servername = "localhost";
$username = "root";
$password = "Pendora!sql2018";
$dbname = "pendora";

// Herstellen der Verbindung zur Datenbank

$conn = new mysqli($servername, $username, $password, $dbname);
session_start();
// Testen ob die Verbindung zur Datenbank steht
if ($conn->connect_error) {
    die("Connection failed: " . $conn->connect_error);

}
else {
    $error = "Verbindung steht";
}


if($_SERVER["REQUEST_METHOD"] == "POST") {
      // Diese if-Abfrage wird erst aktiviert, sobald von der Webseite durch eine Form per "POST" Daten liefert

   #   $postuser = mysqli_real_escape_string($db,$_POST['username']);
   #   $postpw = mysqli_real_escape_string($db,$_POST['password']);
      $postuser = $_POST['username'];
      $postpw = $_POST['password'];
   #   $sql = "SELECT * FROM users WHERE user = '" . $postuser . "' and password = '" . $postpw . "'"  or die(mysql_error());
   #   $result = mysqli_query($db,$sql);
   #   $row = mysqli_fetch_array($result,MYSQLI_ASSOC);
   #   $active = $row['active'];
      // Abfrage der Einträge in der Tabelle Pendora in der man User für die Webseite eintragen kann.
    $result = $conn->query( "SELECT * FROM users WHERE user ="  . mysql_real_escape_string($_POST['username']) ." and" . mysql_real_escape_string($_POST['password']) . "" );

    if (!$result) {
    printf("Error: [%s] %s<br/>", $conn->errno, $conn->error);
    }

   #$count = mysqli_num_rows($result);

      // If result matched $postuser and $postpw, table row must be 1 row


    if($result->num_rows >= 0) {
        session_register("postuser");
        $_SESSION['login_user'] = $postuser;

        header("location: index.php");
     }
     else {
     $error = "Your login name or password is invalid";


      }

    ;
   }
?>