Untitled

<?php

session_start(); // Starting Session
$error=''; // Variable To Store Error Message
if (isset($_POST['submit'])) {
if (empty($_POST['username']) || empty($_POST['password'])) {
$error = "Username or Password is invalid";
}
else
{
// Definir isto $username and $password
$username=$_POST['username'];
$password=$_POST['password'];
// estabelecer conexao com estes parameteros
$connection = mysqli_connect('localhost','root','','fitdb');
// Stripslashes para questoes de segurança SQL
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysqli_real_escape_string($connection, $username);
$password = mysqli_real_escape_string($connection, $password);


// Query para buscar informação
$query = mysqli_query($connection, "SELECT * FROM tbluser WHERE Username = \"".$_POST["username"]."\" AND Password = \"".$_POST["password"]."\";");
$rows = mysqli_num_rows($query);
if ($rows == 1) {
$_SESSION['login_user']= $username; // Inicializar sessão
header("location: indexPAPWithProfile.php"); // redirect
echo $username;
} else {

$error = "Username or Password is invalid";

}
mysqli_close($connection); // close
}
}


?>