Simple PHP MYSQL Sessions

Simple PHP / MYSQL SESSIONS

//session_start() function is always required
session_start();
require_once('mydb.inc');
$db=my_db_connect();
//error_reporting(0);

$user = $_POST['username'];
$password = md5($_POST['password']);

If ($user || $password) {
if (!($user)) {
$error_message = "Please enter your username. ";
}
else if (!($password)) {
$error_message = "Please enter your password. ";
}
else {
#Check the mysql database for username and password
$command = "SELECT id, username, usertype FROM users WHERE username='$user' AND password='$password' AND usertype='Administrator';";
$result = mysqli_query($db, $command);
if ($data = mysqli_fetch_object($result)) {
#if username, set sessions and redirect.
$_SESSION['id'] = $data->id;
$_SESSION['username'] = $data->username;
//If desired, you can echo output to see/check values.
}
else {
$error_message = "Sorry, your username was incorrect!";
echo $data->username;//Note: nothing outputs since no object
echo $data->id; //Note: nothing outputs since no object
}
}
}