Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php require_once("../includes/init.php");
- include("admin_header.php");
- $login_handler = "";
- if (isset($_POST['submit'])) { // Form is submitted.
- $username = trim($_POST['username']);
- $password = trim($_POST['password']);
- $stmt = $db->prepare("SELECT * FROM xail_users WHERE username = :username");
- $params = array("username" => $username);
- $stmt->execute($params);
- $user = $stmt->fetch(PDO::FETCH_ASSOC);
- // Check if a user exists.
- if ($user['username']) {
- if (crypt($password, $user['password']) == $user['password']) {
- // Success login.
- $_SESSION['username'] = $user['username'];
- switch ($user['role']) {
- case 1: $_SESSION['role'] = "Super Admin";
- break;
- case 2: $_SESSION['role'] = "Admin";
- break;
- default: $_SESSION['role'] = "Admin";
- }
- redirect_to("index.php");
- } else {
- // Failed login.
- $login_handler = output_message("Wrong username or password!", "error");
- }
- } else {
- $login_handler = output_message("Username {$username} doesn't exist.", "error");
- }
- } else { // Form not submitted.
- $username = "";
- $password = "";
- } ?>
Add Comment
Please, Sign In to add comment
