Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- // if everything is valid then set valid_form to true
- $valid_form = $valid_email && $valid_password;
- if ($valid_form) {
- // Create connection
- include 'config.php';
- // check if email exists in database
- $stmt = $db->prepare("SELECT Email_Address, Password, Role, First_Name FROM users WHERE Email_Address=?");
- $stmt->bind_param('s', $email);
- // running insert statement
- if ($stmt->execute() === TRUE) {
- echo "Email checked successfully";
- } else {
- echo "Error: " . $db->error;
- }
- // bind result variables
- $stmt->bind_result($stored_email, $stored_password, $stored_role, $stored_first_name);
- // fetch value
- $stmt->fetch();
- // close statement
- $stmt->close();
- // close the connection
- $db->close();
- // if email address does not exist, redirect back to login page with an error message
- if ($stored_email == NULL) {
- $_SESSION['error_email'] = "That email address does not exist";
- $_SESSION['alertMessage'] = $msg_fail;
- header("Location: login.php");
- die();
- }
- // check the password in the database against the user submitted password
- $correct_password = password_verify($password, $stored_password);
- // if matching, send user to welcome page
- if ($correct_password) {
- /* get info about the logged in user to use elsewhere */
- $_SESSION['first_name'] = $stored_first_name;
- $_SESSION['role'] = $stored_role;
- $_SESSION['email_address'] = $stored_email;
- $_SESSION['logged_in'] = true;
- if ($stored_role == "User") {
- header("Location: dashboard-user.php");
- die();
- }
- header("Location: dashboard-agent.php");
- die();
- } else {
- $_SESSION['error_password'] = "Your password is incorrect";
- $_SESSION['alertMessage'] = $msg_fail;
- header("Location: login.php");
- die();
- }
- } else {
- $_SESSION['alertMessage'] = $msg_fail;
- header("Location: login.php");
- die();
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement