Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- session_start();
- $fields_error = "";
- $fields_error1 = "";
- $error = "";
- $mysqli = new mysqli("localhost", "root", "heihei", "innlogging") or die("cannot connect");
- if(isset($_POST['Register'])){
- header("location:register.php");
- }
- if (isset($_POST['Submit'])) {
- if (empty($_POST['username']) || trim($_POST['username']) == "") {
- $fields_error = "Username is required";
- header("location:mainpage.php");
- } else {
- $username = $mysqli ->real_escape_string(htmlspecialchars($_POST['username'], ENT_QUOTES, 'UTF-8'));
- }
- if (empty($_POST['password']) || trim($_POST['password']) == '') {
- $fields_error1 = "Password is required";
- header("location:mainpage.php");
- } else {
- $password = $mysqli->real_escape_string(sha1(md5($_POST['password'])));
- }
- if (empty($fields_error) && empty($fields_error1)) {
- $result = $mysqli->query("SELECT * FROM users WHERE username='$username' AND pass='$password'");
- $data = $result->num_rows;
- if ($data) {
- $_SESSION["username"] = $username;
- $_SESSION["isloggedin"] = true;
- $_SESSION[$mysqli];
- $result2 = $mysqli ->query("SELECT * FROM users WHERE username='$username' AND pass='$password' AND isadmin='1'");
- $data2 = $result2 -> num_rows;
- if($data2){
- $_SESSION["isadmin"] = 1;
- }
- else{
- $_SESSION["isadmin"] = 0;
- }
- echo htmlspecialchars(strip_tags($_POST['username']), ENT_QUOTES, 'UTF-8');
- header("location:mainpage.php");
- } else {
- header("location:mainpage.php");
- $error = "OOOPS..Username or Password is wrong!!!";
- }
- $mysqli->close();
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement