Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- include 'config.php';
- include 'dbconnect.php';
- include 'utilities.php';
- if ($_POST) {
- $username = $_POST['username'];
- $password = sha1($_POST['password']);
- $query = "SELECT * FROM users WHERE username = '" . $username . "'
- AND password = '" . $password . "'";
- $result = mysqli_query($_SESSION['dbconn'],$query);
- $record = mysqli_fetch_assoc($result);
- if ($record) {
- $_SESSION['user'] = array();
- $_SESSION['user']['username'] = $record['username'];
- $_SESSION['user']['admin'] = $record['admin'];
- $_SESSION['user']['can_add'] = $record['can_add'];
- $_SESSION['user']['can_edit'] = $record['can_edit'];
- $_SESSION['user']['can_delete'] = $record['can_delete'];
- $_SESSION['message'] = array('success','Welcome ' . $_SESSION['user']['username']);
- } else {
- $_SESSION['message'] = array('danger','User cannot be logged!');
- }
- header('Location: ' . SITE_URL);
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement