Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- include("config.php");
- session_start();
- if($_SERVER["REQUEST_METHOD"] == "POST") {
- $myusername = mysqli_real_escape_string($db,$_POST['username']);
- $mypassword = mysqli_real_escape_string($db,$_POST['password']);
- $sql = "SELECT * FROM user WHERE username = '$myusername' and password = '$mypassword'";
- $result = mysqli_query($db,$sql);
- $row = mysqli_fetch_array($result,MYSQLI_ASSOC);
- $active = isset($row['active']);
- $count = mysqli_num_rows($result);
- $role = isset($row['role']);
- if($role = 'admin'){
- $link = 'admin.php';
- }
- elseif($role = 'user'){
- $link = 'user.php';
- }
- elseif($role = 'expert'){
- $link = 'expert.php';
- }
- else{
- $link = '404.php';
- }
- if($count == 1) {
- $_SESSION['username'] = $myusername;
- header("Location: ".$link."");
- exit();
- }else {
- $error = "Your Login Name or Password is invalid";
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement