i<?php include("config.php"); // username and password sent f

1. i<?php
2. include("config.php");
3.  
4.  
5.  
6. // username and password sent from form
7.  
8. $myusername = mysqli_real_escape_string($db,$_POST['username']);
9. $mypassword = mysqli_real_escape_string($db,$_POST['password']);
10.  
11. $sql = "SELECT * FROM student WHERE st_id = '$myusername' and password = '$mypassword'";
12. $result = mysqli_query($db,$sql);
13.  
14.  
15.  
16. $count = mysqli_num_rows($result);
17.  
18.  
19. $sql1 = "SELECT * FROM lecturer WHERE lec_id = '$myusername' and lec_password = '$mypassword'";
20. $result1 = mysqli_query($db,$sql1);
21.  
22.  
23.  
24. $count1 = mysqli_num_rows($result1);
25.  
26. // If result matched $myusername and $mypassword, table row must be 1 row
27.  
28.  
29. // If result matched $myusername and $mypassword, table row must be 1 row
30.  
31. if($count == 1) {
32. header("Location:../department/department.php");
33. }else if($count1==1){
34. header("Location:../department-lec/department.php");
35.  
36. }
37. else{
38. header("location:login.php");
39. }
40.  
41.  
42. ?>