<?php if(isset($_GET['sign-out'])) { unset($_SESSION['sign-in']); heade

1. <?php
2.     if(isset($_GET['sign-out'])) {
3.     unset($_SESSION['sign-in']);
4.  
5.         header("Location: index.php");
6.         die;
7.     }
8.     if(!isset($_SESSION['sign-in'])) {
9. ?>
10. <form method="POST" action="index.php">
11.     <label for="username">Username</label>
12.     <input type="text" id="username" name="username" placeholder="Username" tabindex="1">
13.     <br><br>
14.     <label for="password" id="password" name="password">Password&nbsp;</label>
15.     <input type="password" id="password" name="password" placeholder="Password" tabindex="2"><br><br>  
16.    
17.     <input type="submit" name="submit" value="Login" tabindex="3">
18. </form>
19. <?php
20.     if(isset($_POST["submit"])) {
21.         // require "app/includes/function.php";
22.  
23.         $username = htmlspecialchars($_POST['username'], ENT_QUOTES);
24.         $password = htmlspecialchars($_POST['password'], ENT_QUOTES);
25.  
26.         $query = mysqli_query($connection, "SELECT `id` FROM `users` WHERE `user_name` = '".$username."' AND `user_password` = '".$password."'"); die;
27.         $rows = mysqli_num_rows($query);
28.  
29.         if($rows > 0) {
30.             $_SESSION['sign-in'] = "true";
31.  
32.             header("Location: index.php");
33.  
34.             die;
35.         } else {
36.             echo "The data is not correctly entered";
37.         }
38.     }
39. } else {
40. ?>
41.     You have successfully logged<br>
42.     <a href="index.php?sign-out=true">Sign out</a>
43. <?php
44.     }
45. ?>