Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- $mysqli=new MySQLi("localhost", "root", "", "hws");
- $role="";
- $username=filter_input(INPUT_POST, 'username', FILTER_SANITIZE_STRING);
- $password=filter_input(INPUT_POST, 'password', FILTER_SANITIZE_STRING);
- if($query=$mysqli->prepare("SELECT `role` FROM members WHERE username=? AND password=?"))
- {
- $query->bind_param("ss", $username, $password);
- $query->execute();
- $query->bind_result($role);
- $query->fetch();
- }
- else
- {
- echo "Errors in the Query. ".$mysqli->error;
- die();
- }
- if($role!="")
- {
- $_SESSION['ingelogt']=$username;
- $_SESSION['user_role']=$role;
- $location="$role.php"; // If role is admin this will be admin.php, if student this will be student.php and more.
- header("location: $location"); // Redirect to the respective pages.
- }
- else
- {
- echo "Invalid password, username combination";
- }
- ?>
- <?php
- session_start()
- if(!isset($_SESSION['ingelogt']))
- {
- header("location: index.php"); // The user is not logged in. Redirect him to the login page.
- }
- $page_role="leerling"; // This must be admin for admin.php and student for student.php and similar
- $role=$_SESSION['user_role'];
- if($role!=$page_role) // If student come to admin page by mistake or admin to student and similar
- {
- echo "You are not supposed to be here.";
- die();
- }
- ?>
- <!DOCTYPE html>
- <html>
- <head>
- <title>Home</title>
- <link rel="stylesheet" href="css/style.css">
- <link rel="stylesheet" href="css/fontello.css">
- </head>
- <body>
- <div class="siteContainer">
- <div class="navLeft">
- <a href="overzicht.php">
- <img src="../../img/logo.png" alt="HWSysteem" class="mainLogo">
- </a>
- </div>
- </div>
- </body>
- </html>
- <?php
- session_start();
- $mysqli=new MySQLi("localhost", "USER_NAME_HERE", "PASSWORD_HERE");
- $role="";
- $username=filter_input(INPUT_POST, 'username', FILTER_SANITIZE_STRING);
- $password=filter_input(INPUT_POST, 'password', FILTER_SANITIZE_STRING);
- if($query=$mysqli->prepare("SELECT `role` FROM members WHERE username=? AND password=?"))
- {
- $query->bind_param("ss", $username, $password);
- $query->execute();
- $query->bind_result($role);
- $query->fetch();
- }
- else
- {
- echo "Errors in the Query. ".$mysqli->error;
- die();
- }
- if($role!="")
- {
- $_SESSION['ingelogt']=$username;
- $_SESSION['user_role']=$role;
- $location="$role.php"; // If role is admin this will be admin.php, if student this will be student.php and more.
- header("location: $location"); // Redirect to the respective pages.
- }
- else
- {
- echo "Invalid password, username combination";
- }
- ?>
- And in your admin.php, student.php
- <?php
- if(!isset($_SESSION['ingelogt']))
- {
- header("location: login.php"); // The user is not logged in. Redirect him to the login page.
- }
- $page_role="admin"; // This must be admin for admin.php and student for student.php and similar
- $role=$_SESSION['user_role'];
- if($role!=$page_role) // If student come to admin page by mistake or admin to student and similar
- {
- echo "You are not supposed to be here.";
- die();
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement