if(!empty($_POST['username'] && $_POST['pass'])) { $id=0; $username =

1. if(!empty($_POST['username'] && $_POST['pass'])) {
2. $id=0;
3. $username = $_POST['username'];
4. $pass = $_POST['pass'];
5. $result = mysqli_query($conn,"SELECT * FROM users WHERE username='" . $username . "' AND password = '". $pass ."'");
6. if(mysqli_num_rows($result)==1) {
7.  
8. while ($row = mysqli_fetch_assoc($result)) {
9. $id = $row['id'];
10. $type = $row['type'];
11. }
12. $_SESSION['username'] = $username;
13. $_SESSION['id'] = $id;
14. if ($type == 'admin') {
15.  
16. header("Location: index_af_adm.php");
17.  
18. } else {
19.  
20. header("Location: index_af.php");
21. }
22. }else{
23.  
24. $message='Username sau parola sunt invalide';
25. header('Location: index.php?msg=1');
26.  
27. }
28. }