<?php session_start(); $emailAddress = $_POST['emailAddress']; $inputPassw

1. <?php
2. session_start();
3. $emailAddress = $_POST['emailAddress'];
4. $inputPassword = $_POST['password'];
5. $host = "localhost";
6. $database = "peterngu_cst8238";
7. $username = "peterngu_account";
8. $password = "44126841";
9. if(isset($_POST['emailAddress'])&&isset($_POST['password']) && isset($_POST['submit'])){
10. $dbConnection = mysql_connect($host, $username, $password);
11. if(!$dbConnection){
12. die("Unable to connect to database ". $host.mysql_connect_error($dbConnection));
13. }
14. mysql_select_db($database);
15. $sql = "SELECT * FROM employee WHERE emailAddress ='$emailAddress' and password = '$inputPassword'";
16. $query = mysql_query($sql);
17. $queryResult = mysql_fetch_array($query);
18. $loginEmail = $queryResult['emailAddress'];
19. $loginPassword =$queryResult['password'];
20. if($emailAddress == $loginEmail && $inputPassword == $loginPassword){
21. $_SESSION['firstName'] = $queryResult['firstName'];
22. $_SESSION['lastName'] = $queryResult['lastName'];
23. $_SESSION['emailAddress'] = $queryResult['emailAddress'];
24. $_SESSION['phoneNum'] = $queryResult['phoneNum'];
25. $_SESSION['socialNumber'] = $queryResult['socialNumber'];
26. $_SESSION['password'] = $queryResult['password'];
27. header("Location:viewAllEmployees.php", true);
28. exit();
29. }
30. else{
31. $error = "Incorrect Login Information!";
32. echo $error;
33. }
34. mysql_close($dbConnection);
35. }
36. ?>
37. <?php
38. include 'header.php';
39. include 'menu.php';
40. ?>
41. <html>
42. </br>
43. <h1><b>Login</b></h1>
44. <form method="post">
45. Email Address:
46. <input type="text" name="emailAddress"/></br>
47. Password:
48. <input type="text" name="password"/><br/>
49. <input type="submit"/>
50. </form>
51. </br>
52. </br></br>
53. </br></br>
54. </br>
55. </html>
56. <?php
57. include 'footer.php';
58. ?>