<?phpsession_start();$mysqli=new MySQLi("localhost", "root", "", "hws");$role

1. <?php
2. session_start();
3. $mysqli=new MySQLi("localhost", "root", "", "hws");
4. $role="";
5.  
6. $username=filter_input(INPUT_POST, 'username', FILTER_SANITIZE_STRING);
7. $password=filter_input(INPUT_POST, 'password', FILTER_SANITIZE_STRING);
8.  
9. if($query=$mysqli->prepare("SELECT `role` FROM members WHERE username=? AND password=?"))
10. {
11. $query->bind_param("ss", $username, $password);
12. $query->execute();
13. $query->bind_result($role);
14. $query->fetch();
15. }
16. else
17. {
18. echo "Errors in the Query. ".$mysqli->error;
19. die();
20. }
21.  
22. if($role!="")
23. {
24. $_SESSION['ingelogt']=$username;
25. $_SESSION['user_role']=$role;
26. $location="$role.php"; // If role is admin this will be admin.php, if student this will be student.php and more.
27. header("location: $location"); // Redirect to the respective pages.
28. }
29. else
30. {
31. echo "Invalid password, username combination";
32. }
33.  
34. ?>
35.  
36. <?php
37. session_start()
38. if(!isset($_SESSION['ingelogt']))
39. {
40. header("location: index.php"); // The user is not logged in. Redirect him to the login page.
41. }
42.  
43. $page_role="leerling"; // This must be admin for admin.php and student for student.php and similar
44.  
45. $role=$_SESSION['user_role'];
46.  
47. if($role!=$page_role) // If student come to admin page by mistake or admin to student and similar
48. {
49. echo "You are not supposed to be here.";
50. die();
51. }
52. ?>
53. <!DOCTYPE html>
54. <html>
55. <head>
56. <title>Home</title>
57. <link rel="stylesheet" href="css/style.css">
58. <link rel="stylesheet" href="css/fontello.css">
59. </head>
60.  
61. <body>
62. <div class="siteContainer">
63. <div class="navLeft">
64. <a href="overzicht.php">
65. <img src="../../img/logo.png" alt="HWSysteem" class="mainLogo">
66. </a>
67. </div>
68. </div>
69. </body>
70. </html>
71.  
72. <?php
73. session_start();
74. $mysqli=new MySQLi("localhost", "USER_NAME_HERE", "PASSWORD_HERE");
75. $role="";
76.  
77. $username=filter_input(INPUT_POST, 'username', FILTER_SANITIZE_STRING);
78. $password=filter_input(INPUT_POST, 'password', FILTER_SANITIZE_STRING);
79.  
80. if($query=$mysqli->prepare("SELECT `role` FROM members WHERE username=? AND password=?"))
81. {
82. $query->bind_param("ss", $username, $password);
83. $query->execute();
84. $query->bind_result($role);
85. $query->fetch();
86. }
87. else
88. {
89. echo "Errors in the Query. ".$mysqli->error;
90. die();
91. }
92.  
93. if($role!="")
94. {
95. $_SESSION['ingelogt']=$username;
96. $_SESSION['user_role']=$role;
97. $location="$role.php"; // If role is admin this will be admin.php, if student this will be student.php and more.
98. header("location: $location"); // Redirect to the respective pages.
99. }
100. else
101. {
102. echo "Invalid password, username combination";
103. }
104.  
105. ?>
106.  
107. And in your admin.php, student.php
108.  
109. <?php
110. if(!isset($_SESSION['ingelogt']))
111. {
112. header("location: login.php"); // The user is not logged in. Redirect him to the login page.
113. }
114.  
115. $page_role="admin"; // This must be admin for admin.php and student for student.php and similar
116.  
117. $role=$_SESSION['user_role'];
118.  
119. if($role!=$page_role) // If student come to admin page by mistake or admin to student and similar
120. {
121. echo "You are not supposed to be here.";
122. die();
123. }
124.  
125. ?>