Untitled

<?php
session_start();
$user="root";
$pass="";
$host="localhost";
$dbname="neardeal";
$username = $_REQUEST['username'];
$password = $_REQUEST['password'];
//create connection
$conn = new mysqli($host, $user, $pass, $dbname);
//check connection
if($conn->connect_error){
    die("connection failed" .$com->connect_error);
}
$sql = "SELECT * FROM user WHERE username='{$username}' AND password='{$password}' LIMIT 1";
$result = $conn->query($sql);
$user = array();
while($row =$result->fetch_assoc()){
    $user = $row;
}
if(!empty($user)) {
    $_SESSION['user_id'] = $user['id'];
    echo json_encode(array(
        'success' => true,
        'user' => $user
    ));
}
else {
    echo json_encode(array(
        'success' => false,
        /** return empty user to prevent error when java converting to user object*/
        'user' => array(
            'id'=>0,
            'username'=>'',
            'password'=>''
        )
    ));
}