gagal login

1. $result = $mysqli->query("SELECT * FROM user");
2.  
3. if ($result) {
4. $get = $result->fetch_object();
5. if (trim($username)==$get->username && trim($password)==$get->password) {
6. if ($get->status == 0) {
7. $mysqli->query("UPDATE user SET status = '1' WHERE username = '$username' AND password = '$password' ");
8. $_SESSION['id'] = $get->id;
9. $_SESSION['username'] = $get->username;
10. $_SESSION['level'] = $get->level;
11. $_SESSION['level2'] = $get->level2;
12. header("location:index.php");
13. } else {
14. echo '<script>window.alert("anda telah login");window.location=("login.php");</script>';
15. }
16. } else {
17. $_SESSION['pesan'] = "Your Username or Password was incorrect";
18. header("location:login.php");
19. }
20. }