<?phpinclude './includes/database.php';session_start();// Create con

1. <?php
2.  
3. include './includes/database.php';
4.  
5. session_start();
6.  
7. // Create connection
8.  
9. $db = mysqli_connect($host, $user, $password, $database)
10. or die("Error: ". mysqli_connect_error());
11.  
12. // Check if user is logged in
13.  
14. // Check if post isset
15.  
16. // Always start with an empty error first
17. $error = "";
18.  
19. if (isset($_POST['submit'])) {
20.  
21. $username = $_POST['username'];
22. $password = $_POST['password'];
23.  
24. // Store Query in variable
25. $usersQuery = "SELECT * from users WHERE login_name = '$username' and password_hash = '$password' ";
26.  
27. // Run query with msql_queryy and check if it connects
28. $result = mysqli_query($db, $usersQuery)
29. or die("Failed to query".msqli_error());
30.  
31. // fetch the results
32. $row = mysqli_fetch_assoc($result);
33.  
34. // U can do stricter checks, but for now we're just doing one simple error.
35.  
36. if(empty($username) || empty($password )) {
37. $error = "Vul beide gegevens in";
38. }
39.  
40. if ($username == $row['login_name'] || $password == $row['password_hash']) {
41.  
42. /* // E-mail
43. $_SESSION['type'] = $email; */
44.  
45. // Nog van de opdracht
46. $_SESSION['type'] = $row['user_type'];
47. $_SESSION['name'] = $row['first_name'];
48. $_SESSION['user_id'] = ((isset($row['user_id'])) ? ($row['user_id']) : '');
49.  
50.  
51. if($_SESSION['type'] == 'admin') { // admin word straks een variable die je hebt geconnect met database.
52. header("Location: ./users/admin/home.php");
53. exit;
54.  
55. } else if($_SESSION['type'] == 'employee') {
56. header("Location: ./users/employee/home.php");
57. exit;
58. }
59.  
60.  
61. } else if ($username != $row['login_name'] || $password != $row['password_hash']) {
62. $error = "Combinatie gebruikersnaam/wachtwoord onjuist";
63. }
64.  
65. }
66.  
67. // Am I loggin in? Please go to secure page
68.  
69. ?>
70.  
71. <!DOCTYPE html>
72. <html>
73.  
74. <head>
75. <title>Login</title>
76. <link rel="stylesheet" type="text/css" href="../app/assets/styles/css/main.css">
77. </head>
78.  
79. <body>
80.  
81. <div class="login__container">
82.  
83. <div class="login__left-square">
84. <div class="login__logo-wrapper">
85. <div class="login__logo">
86. <img class="login__logo-img" src="../app/assets/images/sumo.png" />
87. </div>
88. </div>
89. </div>
90.  
91. <div class="login__right-square">
92. <form method="post" action="<?= $_SERVER['REQUEST_URI']; ?>">
93. <div class="login__input-container">
94. <div class="login__input-wrapper">
95. <div class="login__input">
96. <input class="login__username" id="username" type="username" name="username" placeholder="Gebruikersnaam"/>
97. </div>
98. <div class="login__input">
99. <input class="login__password" id="password" type="password" name="password" placeholder="Wachtwoord"/>
100. </div>
101.  
102. <div class="login__input">
103. <button class="login__submit" type="submit" name="submit">
104. <h2 class="login__submit-title"> Login </h2>
105. </button>
106. </div>
107.  
108. <div class="login__error-wrapper">
109. <p class="login__error"><?= $error ?></p>
110. </div>
111.  
112.  
113.  
114. </div>
115. </div>
116. </form>
117. </div>
118.  
119. </div>
120.  
121. </body>
122.  
123. </html>