Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <form action="inc/login.php" method="post">
- <div class="col s3">
- <label for="username">Username</label>
- <input name="username" type="text" class="validate">
- </div>
- <div class="col s3 login_link">
- <label for="password">Password</label>
- <input name="password" type="password" class="validate">
- </div>
- <div class="col s3 login_button">
- <button class="btn waves-effect waves-light" type="submit" name="login">Submit
- <i class="material-icons right">send</i>
- </button>
- </div>
- </div>
- </form>
- <?php
- include "db.php";
- session_start();
- if(isset($_POST['login'])) {
- $username = $_POST['username'];
- $password = $_POST['password'];
- $username = mysqli_real_escape_string($connection, $username);
- $password = mysqli_real_escape_string($connection, $password);
- $query = "SELECT * FROM users WHERE username = '$username' ";
- $select_user = mysqli_query($connection, $query);
- if(!$select_user) {
- die("QUERY FAILED. " . mysqli_error($connection) . ' ' . mysqli_errno($connection));
- }
- while($row = mysqli_fetch_array($select_user)) {
- $db_id = $row['user_id'];
- $db_usename = $row['username'];
- $db_password = $row['user_password'];
- $db_firstname = $row['user_firstname'];
- $db_lastname = $row['user_lastname'];
- $db_role = $row['user_role'];
- }
- $password = crypt($password, $db_password);
- if($username === $db_usename && $password === $db_password && $db_role === 'admin') {
- $_SESSION['username'] = $db_usename;
- $_SESSION['firstname'] = $db_firstname;
- $_SESSION['lastname'] = $db_lastname;
- $_SESSION['role'] = $db_role;
- header("Location: ../admin");
- } else {
- header("Location: ../index.php");
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
