
Untitled

a guest
Dec 5th, 2017
  1. <?php
  2.  
  3. session_start();
  4.  
  5. try {
  6.  
  7. // connect to the database
  8. require 'connect.php';
  9. // data from the browser
  10. $sUserName = $_POST['txtEmailorPhoneNumber'];
  11. $sPassword = $_POST['txtPassword'];
  12. // create a query to compare data in the database with data from the browser
  13. $query = $conn->prepare("SELECT * FROM users WHERE userName=':userName' AND password=':password'");
  14. $query->bindParam( ':userName' , $sUserName );
  15. $query->bindParam( ':password' , $sPassword );
  16. // run query
  17. $bResult = $query->execute();
  18. $ajResult = $query->fetch(PDO::FETCH_ASSOC);
  19. // take each property one by one
  20. $sUserId = $ajResult['userId'];
  21. $_SESSION['sUserId'] = $sUserId;
  22. $sUserRole = $ajResult['userRoles_roleId'];
  23. $sUserName = $ajResult['userName'];
  24. $sFirstName = $ajResult['firstName'];
  25. $sLastName = $ajResult['lastName'];
  26. $sImagePath = $ajResult['image'];
  27. $sjResponse = $bResult ? '{"status":"ok", "userId":"'.$sUserId.'", "userRole":"'.$sUserRole.'", "userName":"'.$sUserName.'", "firstName":"'.$sFirstName.'", "lastName":"'.$sLastName.'", "image":"'.$sImagePath.'"}' : '{"status":"error"}';
  28. echo $sjResponse;
  29. } catch (Exception $e) {
  30.  
  31. echo "ERROR";
  32.  
  33. }
  34. ?>
  35.  
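function loginUser() {
    // Posts the login form to api_login_users.php and, on success, caches the
    // returned profile in sessionStorage and shows the view for the user's role.
    //
    // NOTE(review): sessionStorage is editable by the user, so the role test
    // below only selects which interface to draw. The endpoints behind
    // getUserData() / getSubriberData() / getProductData() must check the role
    // of the server-side session themselves - not visible from this function.
    var ajax = new XMLHttpRequest();

    // Returns the page to the login form with the generic failure message.
    function showLoginFailure() {
        pageLogin.style.display = "flex";
        pageViewProducts.style.display = "none";
        // textContent: the message is plain text and is never parsed as HTML
        lblLoginErrorMessage.textContent = "Login Failed - Try again";
    }

    ajax.onreadystatechange = function() {
        if ( this.readyState != 4 ) {
            return;
        }

        // a completed request with any other status is a failed login too
        if ( this.status != 200 ) {
            showLoginFailure();
            return;
        }

        // The body may not be JSON (e.g. a server error page); treat that as
        // a failed login instead of letting JSON.parse throw.
        try {
            // presumably a page-level variable read elsewhere - confirm
            ajUserDataFromServer = JSON.parse(this.responseText);
        } catch ( e ) {
            showLoginFailure();
            return;
        }

        if ( !ajUserDataFromServer || ajUserDataFromServer.status != "ok" ) {
            showLoginFailure();
            return;
        }

        // after login also sets key values to the sessionStorage
        sessionStorage.setItem( 'status', 'loggedin' );
        sessionStorage.setItem( 'userId', ajUserDataFromServer.userId );
        sessionStorage.setItem( 'userRole', ajUserDataFromServer.userRole );
        sessionStorage.setItem( 'userName', ajUserDataFromServer.userName );
        sessionStorage.setItem( 'firstName', ajUserDataFromServer.firstName );
        sessionStorage.setItem( 'lastName', ajUserDataFromServer.lastName );
        sessionStorage.setItem( 'image', ajUserDataFromServer.image );

        pageLogin.style.display = "none";

        loggedin = true;

        var sUserRole = sessionStorage.getItem( 'userRole' );

        if ( sUserRole === "1" ) {

            // for ADMIN view
            showWelcomeMessage();
            showAdminInterface();
            getProductData();
            getUserData();
            getSubriberData();

        } else if ( sUserRole === "2" ) {

            // for USER view
            showWelcomeMessage();
            showUserInterface();
            getProductData();

        }
    };

    ajax.open( "POST", "api_login_users.php", true );
    var jFrmLogin = new FormData( frmLogin );
    ajax.send( jFrmLogin );

}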
  100.  
  101. <!-- LOGIN for USERS and ADMIN -->
  102. <div id="pageLogin" class="page popup">
  103. <div class="wrapper">
  104. <h3>LOGIN</h3>
  105. <form class="form" id="frmLogin">
  106. <input type="text" name="txtEmailorPhoneNumber" placeholder="Mobile number or Email" required>
  107. <input type="text" name="txtPassword" placeholder="Password" required>
  108. <button type="button" class="btnForm" id="btnLoginForm">Login</button>
  109. <div class="lblFormExtention">
  110. <p class="pnoAccount">Don´t have an account?</p>
  111. <button type="button" class="btnShowPage" id="btnSignup">Signup</button>
  112. </div>
  113. </form>
  114. <h3 class="lblErrorMessage" id="lblLoginErrorMessage"></h3>
  115. </div>
  116. </div>