Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- function login(){
- global $db, $username, $errors;
- // grap form values
- $username = e($_POST['username']);
- $password = e($_POST['password']);
- // make sure form is filled properly
- if (empty($username)) {
- array_push($errors, "Username is required");
- }
- if (empty($password)) {
- array_push($errors, "Password is required");
- }
- $query = "SELECT * FROM users WHERE username='$username' LIMIT 1";
- $results = mysqli_query($db, $query);
- $logged_in_user = mysqli_fetch_assoc($results);
- if (password_verify($password, $logged_in_user["password"])){
- // check if user is admin or user
- if ($logged_in_user['user_type'] == 'admin') {
- $_SESSION['user'] = $logged_in_user;
- header('location: index.php');
- }else{
- $_SESSION['user'] = $logged_in_user;
- header('location: index.php');
- }
- } else {
- array_push($errors, "Wrong username/password combination");
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement