antoine_cherfane help php

1. <?php
2.  
3. $host = "localhost";
4. $user = "root";
5. $pass = "";
6. $data = "Skyhigh";
7.  
8. $con = new mysqli($host, $user, $pass, $data);
9.  
10. if($con->connect_errno)
11. {
12.     printf("Connect failed: %s\n", $con->connect_error);
13. }
14.  
15. $action = $_GET['action'];
16.  
17. $username = $con->real_escape_string($_GET['username']);
18. $password = $con->real_escape_string($_GET['password']);
19.  
20.  
21. //Enctrypt passwords START
22. $encpassword = hash('sha256', $password);
23. //Encrypt passwords END
24.  
25.  
26. if(!$action)
27. {
28.     echo "Please enter an action.";
29. }
30. else
31. {  
32.     if($action == "register")
33.     {
34.        
35.        
36.         $result = mysqli_query("SELECT * FROM users WHERE username = " . $username);
37. if(mysql_num_rows($result) == 0) {
38.      // row not found, do stuff...
39.        
40.        
41. if($query = $con->query("INSERT INTO users (id,username,password) VALUES (null, '$username','$password')"))
42.         {
43.             echo "1";
44.         }
45.         else
46.         {
47.             echo "0";
48.         }
49.     }
50. else
51. {
52. echo "0";
53. }}
54.  
55.  
56.     else if($action == "login")
57.     {
58.         $query = $con->query("SELECT * FROM users WHERE username = '$username' and password = '$encpassword'");
59.         $cnt = $query->num_rows;
60.        
61.         if($cnt > 0)
62.         {
63.             echo "1";
64.         }
65.         else
66.         {
67.             echo "0";
68.         }
69.     }
70. }
71.  
72. ?>