real_escape_string($usercheck); $query = mysqli_query($dbconnect, $usercheck); $fetch = mysqli_fetch_object($query); if($fetch->username == $username && $fetch->password == $password) { header('Location: backend.php'); } else { echo ''; } ?>