Trying to create login

I'm new to PHP and web development in general. Is this a good coding style for me as a beginner? I don't care about password hashing. I use MD5 which is, as far as I know, not a good encryption method, and I'm trying to create just the login for now.

connection.php:

getMessage();
}
?>

index.php:

    prepare($sql);
            $query->bindValue(1,$username);
            $query->bindValue(2,$password);
            $query->execute();

            if ($query->rowCount() > 0) {
                //User details right
                $_SESSION['logged_in'] = true;
                header("Location: member.php");
            } else {
                //User details wrong
                $error = "Wrong username or password";
            }
        }
    }

?>

 
    
 

member.php:

Logout

logout.php

Here is my form:

Here are few things I observed:

-
You repeated session_start() twice in your member.php - you can only do that once in order to start the session

-
You are not sanitizing your input for bad values - its best practice to do so to avoid SQL injection - however as a beginner its a good idea that you started with PDO and not legacy mysql_query

-
After a redirect you should exit(); because your script will continue to process until end of the file. Why let a script continue when you're done.

-
I know you are trying to section your code but if PHP code continues don't close it un-necessarily. (referring to index.php and to the if error part).

-
You should use require or require_once. include causes an error if include is invoked (by mistake) more than one time.

-
Last observation would be in your member.php it should be a blacklist if and not if/else. You should basically tell the user that you shouldn't be here if you are not logged in..if not just proceed to the rest of the script (ask question if you didn't understand this part)

StackExchange Code Review Q#44764, answer score: 5