Advertisement
MichalCzEJ

Untitled

Feb 28th, 2019
118
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 1.05 KB | None | 0 0
  1. function login(){
  2. global $db, $username, $errors;
  3.  
  4. // grap form values
  5. $username = e($_POST['username']);
  6. $password = e($_POST['password']);
  7.  
  8. $query = "SELECT * FROM users WHERE username='$username' LIMIT 1";
  9. $results = mysqli_query($db, $query);
  10.  
  11. $vypis = mysqli_fetch_array($results);
  12.  
  13. echo"<script>alert(\"". $vypis["password"] . "\")</script>";
  14.  
  15. if (password_verify($password, $vypis["password"])){
  16. // user found logged
  17. // check if user is admin or user
  18. echo"<script>alert(\"Úspěšně přihlášen\")</script>";
  19. $logged_in_user = mysqli_fetch_assoc($results);
  20. if ($logged_in_user['user_type'] == 'admin') {
  21.  
  22. $_SESSION['user'] = $logged_in_user;
  23. $_SESSION['success'] = "You are now logged in";
  24. header('location: index.php');
  25. }
  26. else {
  27. $_SESSION['user'] = $logged_in_user;
  28. $_SESSION['success'] = "You are now logged in";
  29. header('location: index.php');
  30. }
  31. }
  32. else {
  33. array_push($errors, "Wrong username/password combination");
  34. }
  35. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement