Untitled

<?php
	session_start();
		require 'config.php';
		if(isset($_POST['submit2']))
		{
			$user_name=$_POST['username'];
			$pass_word=$_POST['password'];
			if($user_name && $pass_word)
			{
				$pass_word=md5($pass_word);

				$sqlstring="SELECT bdcomptes.* FROM bdcomptes WHERE bdcomptes.username = '$user_name' AND bdcomptes.password = '$pass_word'";
			//	$result=mysql_query($sqlstring);
			//	$numrows=mysql_num_rows($result);
				$result = $mysqli->query("SELECT bdcomptes.* FROM bdcomptes WHERE bdcomptes.username = '$user_name' AND bdcomptes.password = '$pass_word'");
				$numrows=$result->num_rows;

				if($numrows == 1)
				{
					$_SESSION['username']=$user_name;
					header ("Location: membrepage.php");
				}else
					echo "<centre><h2><font color='red'> Invalide Mot de passe ou nom utilisateur </font> </h2></centre>";


			}else
				echo "Veuillez saisir tous les champs";

		}

	?>