Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php ob_start(); ?>
- <?php include "db.php"; ?>
- <?php
- if(isset($_POST['login'])) {
- $username = $_POST['username'];
- $password = $_POST['password'];
- $username = mysqli_real_escape_string($connection, $username);
- $password = mysqli_real_escape_string($connection, $password);
- $query = "SELECT * FROM users WHERE username = '$username' ";
- $select_user_query = mysqli_query($connection, $query);
- if(!$select_user_query) {
- die("Query Failed " . mysqli_error($connection));
- }
- while($row = mysqli_fetch_array($select_user_query)) {
- $db_user_id = $row['user_id'];
- $db_user_name = $row['username'];
- $db_user_password = $row['user_password'];
- $db_user_firstname = $row['user_firstname'];
- $db_user_lastname = $row['user_lastname'];
- $db_user_role = $row['user_role'];
- }
- if ($username !== $db_user_name && $password !== $db_user_password ) {
- header("Location: ../index.php");
- } elseif ($username == $db_user_name && $password == $db_user_password ) {
- header("Location: ../admin");
- } else {
- header("Location: ../index.php");
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement