Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- // preparing a temporary table that unions the admin and employee tables
- $TMP = "SELECT EMP_ID AS ID, EMP_EMAIL AS EMAIL, 2 AS TYPE FROM employee
- UNION
- SELECT ID, EMAIL, 1 AS TYPE FROM admin ";
- $result = $con->prepare($TMP);
- $result-> execute();
- $result-> store_result();
- $result-> fetch();
- // preparing select statement for logging in
- $stmt = $con->prepare('SELECT `TYPE` FROM `".$result."` WHERE `ID` = ?');
- // Bind parameters (s = string, i = int, b = blob, etc), in our case the username is a string so we use "s"
- $stmt->bind_param('i', $_POST['ID']);
- $stmt->execute();
- // Store the result so we can check if the account exists in the database.
- $stmt->store_result();
- if ($stmt->num_rows > 0) {
- $stmt->bind_result($ID);
- $stmt->fetch();
- }
- if ($stmt['TYPE'] == 1) {
- if ($_POST['ID'] == $ID) {
- // Verification success! User has loggedin!
- // Create sessions so we know the user is logged in, they basically act like cookies but remember the data on the server.
- session_regenerate_id();
- $_SESSION['loggedin'] = TRUE;
- $_SESSION['email'] = $_POST['EMAIL'];
- $_SESSION['id'] = $ID;
- echo 'Welcome ' . $_SESSION['email'] . '!';
- } else {
- echo 'Incorrect password!';
- }
- } else if ($stmt['TYPE'] == 2) {
- if ($_POST['ID'] == $ID) {
- // Verification success! User has loggedin!
- // Create sessions so we know the user is logged in, they basically act like cookies but remember the data on the server.
- session_regenerate_id();
- $_SESSION['loggedin'] = TRUE;
- $_SESSION['email'] = $_POST['EMAIL'];
- $_SESSION['id'] = $ID;
- echo 'Welcome ' . $_SESSION['email'] . '!';
- } else {
- echo 'Incorrect password!';
- }
- }
- $stmt-> close();
- $result-> close();
- $con-> close();
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement