<?phpinclude'config.php';session_start();$error='';$user ='';if(isset(

1. <?php
2. include'config.php';
3. session_start();
4. $error='';
5. $user ='';
6. if(isset($_POST['user']) && isset($_POST['pass'])){
7.     $r = $conn->prepare("SELECT * FROM users WHERE username=? AND password=?");
8.     $verify = md5($_POST['pass']);
9.     $pass = hash('sha256', $verify);
10.     $r->bind_param("ss", $_POST['user'], $pass);
11.     $r->execute();
12.     $result = $r->get_result();
13.     //$r->store_result();
14.     if($row =  $result->fetch_array(MYSQLI_ASSOC)){
15.         //var_dump($row);
16.         if($row['level'] == '1')
17.         $_SESSION['admin']='true';
18.         $_SESSION['id'] = $row['id']; // If I echo the session id  its works.
19.         $_SESSION['user'] =  $row['username']; //  if i echo the session username its not working.
20.         echo "<script>window.location=\"index.php\";</script>";
21.     } else { $error='1'; }
22. }