id for address bar (url)

The code below should display the user id from mysql, who enters the page under his login, but displays id=Resource id #5 in the address bar, what could be wrong?

login.php

 <?php
include_once("bd.php");
if (isset($_POST['login'])){
    $login = $_POST['login'];
    if ($login == '') {
        unset($login);
        exit ("  !");
    }
}
if (isset($_POST['password'])){
    $password = $_POST['password'];
    if ($password == '') {
        unset($password);
        exit (" ");
    }
}
$login = stripslashes($login);
$login = htmlspecialchars($login);
$password = stripslashes($password);
$password = htmlspecialchars($password); 
$login = trim($login);
$password = trim($password);
$password = md5($password);
$user = mysql_query("SELECT id FROM users WHERE login='$login' AND password='$password'");
$id_user = mysql_fetch_array($user);
if (empty($id_user['id'])){
    exit (",      .<a href='index.php'></a><br>");
}
else {
    $_SESSION['password'] = $password;
    $_SESSION['login'] = $login;
    $_SESSION['id'] = $id_user['id'];
    $id_user = $_GET['id'];
$qq = mysql_query("SELECT * FROM users WHERE id = $user");
$id_user = mysql_fetch_row($user);
 echo "<meta http-equiv='Refresh' content='0; URL=index.php?id=$user'>";
  }          
?>

Answer 1, authority 100%

Do it

else {
  $_SESSION['password'] = $password;
  $_SESSION['login'] = $login;
  $_SESSION['id'] = $id_user['id'];
  echo "< meta http-equiv='Refresh' content='0; URL=index.php?id={$id_user['id']}'>";
}

And live in peace.


Answer 2

What is the $user variable?

See in the code how the $user variable is declared and assigned to it.