<div class="wrapper"> <form class="form-signin" method="post" action='../db/l

1. <div class="wrapper">
2. <form class="form-signin" method="post" action='../db/loginCon.php'; >
3. <h2 class= form-signin-heading""></h2>
4.  
5. <input type="text" class="form-control" name="userName"
6. placeholder="Username" autofocus="" />
7.  
8. <input type="password" class="form-control" name="userPass"
9. placeholder="Password" />
10.  
11. <button id="btnLogin" class="btn btn-success"
12. type="submit">Login</button>
13.  
14. <a href="../index.php"><button class="btn btn-primary"
15. type="submit">Cancel</button></a>
16.  
17. <?php echo $errmsg; ?>
18. </form>
19. </div>
20.  
21. <?php
22. include ('dbConnLogin.php');
23. $sql = "SELECT User_ID, User_Access, User_Name, User_Password,
24. User_Type FROM tbluseraccount WHERE User_Name" = . $_POST["userName"];
25.  
26. $result = $conn->query($sql);
27. if($result->num_rows > 0){
28. $row = $result->fetch_assoc();
29.  
30. if($row["User_Name"] == ($_POST["userName"]) && $row["User_Password"] == ($_POST["userPass"])){
31.  
32.  
33. //Redirect User if Access == 1 -> Admin else == 0 User
34. if($row["User_Name"] == ($_POST["userName"]) && $row["User_Password"] == ($_POST["userPass"]) && $row[ "User_Access"] == 1){
35.  
36. header("Location: ../views/admin-index.php");
37.  
38. }
39. elseif($row["User_Name"] == ($_POST["userName"]) && $row["User_Password"] == ($_POST["userPass"]) && $row["User_Access"] == 0){
40.  
41. header("Location: ../views/user-index.php");
42. }
43.  
44. else{
45. $errmsg = "Invalid Username and Password";
46. }
47.  
48. }
49. }
50.  
51. $conn->close();
52.  
53. ?>
54.  
55. <?php
56.  
57. $servername = "localhost";
58. $username = "root";
59. $password = "";
60. $dbname = "mydb";
61.  
62.  
63. $conn = new mysqli($servername, $username, $password, $dbname);
64.  
65.  
66. if($conn->connect_error){
67.  
68. die("Connection failed: " . $conn->connect_error);
69. }
70.  
71. ?>