ob_start(); require("../includes/header.php"); if($_SERVER["REQUEST_METH

1. ob_start();
2. require("../includes/header.php");
3. if($_SERVER["REQUEST_METHOD"] == "POST"){
4. $p_num = $_POST["username"];
5. $pwd = $_POST["password"];
6. ob_clean();
7.  
8. $query = "SELECT * FROM `$user_table` WHERE `user_id` = '$p_num'";
9. $result = mysqli_query($connect, $query) or die(mysqli_error($connect));
10.  
11. while($row = mysqli_fetch_assoc($result)){
12. $user_id = "{$row['user_id']}";
13. $first_name = "{$row['first_name']}";
14. $last_name = "{$row['last_name']}";
15. $user_name = $first_name ." " .$last_name;
16. $password = "{$row['password']}";
17. $image = "{$row['image']}";
18. $email = "{$row['email']}";
19. $program = "{$row['program']}";
20. $role = "{$row['role']}";
21. $status = "{$row['logged_in']}";
22. $registered = "{$row['registered']}";
23.  
24. if(($user_id == $p_num) && password_verify($pwd, $password)){
25. $_SESSION["id"] = $user_id;
26. $_SESSION["user"] = $user_name;
27. $_SESSION["program"] = $program;
28. $_SESSION["pass"] = $password;
29. $_SESSION["image"] = $image;
30. $_SESSION["email"] = $email;
31. $_SESSION["role"] = $role;
32. $_SESSION["status"] = $status;
33. $_SESSION["registered"] = $registered;
34. $loggedin = "UPDATE `$user_table` SET `logged_in` = 1 WHERE `user_id` = '$user_id'";
35.  
36. if($_SESSION["status"] == 1){
37. header("Location: ../pages/denied_login.php");
38. }
39. elseif($_SESSION["registered"] == 0){
40. header("Location: ../pages/not_registered.php");
41. }
42. else{
43. header("Location: ../pages/instructor.php");
44. mysqli_query($connect, $loggedin);
45. }
46. }
47. else{
48. header("Refresh: 1; URL=../index.php");
49. }
50. }
51. echo json_encode(array("success"=>1));
52. }
53.  
54. $("#login").on("click", function(){
55. $.post("../php/login.php", {}, function(response){
56. if(response.success == "1"){
57. location.replace("../pages/instructor.php");
58. }
59. })
60. })