登录不检查密码是否错误

Question

So for some reason if the password is correct it knows and takes the user to the correct user account, but if the pass is wrong, it wont log them in but still takes them to the account page that isn't logged in.

Can someone please help me out to not re-direct them if the password is wrong

<?php
session_start();
//$connection = mysqli_connect('localhost', 'root', '');
$connection = mysqli_connect("pdb18.awardspace.net","*****","******","*****");
if (!$connection){
    die("Database Connection Failed" . mysqli_error($connection));
}
$select_db = mysqli_select_db($connection, '******');
if (!$select_db)
    {
        die("Database Selection Failed" . mysqli_error($connection));
    }
    $username=trim($_POST['username']);
    $password=trim($_POST['password']);

    //$encoded_password = base64_encode($password);

$sql = "SELECT * from register where Username='".$username."' and Password='".$password."'";
$result = mysqli_query($connection, $sql) or die(mysqli_error($connection));
$result = $con->query($sql);
$count = mysqli_num_rows($result);
//echo $count;
    if ($count == 1){
        while($row = $result->fetch_assoc()) {
                $id=$row['id'];
        }

        $_SESSION['User'] = $username;
                $_SESSION['UserId'] = $id;
        echo "valid";
    }
    else{
        echo "Invalid";
    }

?> 

Answer 1

Remove this line:

$result = $con->query($sql);

You are using procedural functions, mysqli_* .

This part of code $con->query is OOP style, which you are not using in your code, and overwritting the value o $result variable. You can use both styles, but you should use the same connection, or $connection in your case.