function login(){ global $db, $username, $errors; // grap form values $u

1. function login(){
2. global $db, $username, $errors;
3.  
4. // grap form values
5. $username = e($_POST['username']);
6. $password = e($_POST['password']);
7.  
8. // attempt login if no errors on form
9. if (count($errors) == 0) {
10. $query = "SELECT * FROM users WHERE username='$username' LIMIT 1";
11. $results = mysqli_query($db, $query);
12. $vypis = mysqli_fetch_array($results)
13. if (password_verify ($vypis["password"], $password )){
14. // user found logged
15. // check if user is admin or user
16. $logged_in_user = mysqli_fetch_assoc($results);
17. if ($logged_in_user['user_type'] == 'admin') {
18.  
19. $_SESSION['user'] = $logged_in_user;
20. $_SESSION['success'] = "You are now logged in";
21. header('location: index.php');
22. }
23. else {
24. $_SESSION['user'] = $logged_in_user;
25. $_SESSION['success'] = "You are now logged in";
26. header('location: index.php');
27. }
28. }
29. else {
30. array_push($errors, "Wrong username/password combination");
31. }
32. }
33. }