Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- isvalid.php
- <?php
- session_start();
- include('includes/confi.php');
- include("session.php");
- $eid = $_SESSION['employee_id'];
- $sql = "SELECT * FROM employee WHERE employee_id = :eid";
- $query = $dbh->prepare($sql);
- $query->bindParam(':eid', $eid, PDO::PARAM_STR);
- $query->execute();
- if($_SESSION['empid']=="")
- {
- $_SESSION['msg']="Access Denied";
- header("location:index.php");
- }
- ?>
- do_login.php
- <?php include('includes/confi.php');
- if(isset($_POST["submit"])){
- $empid=$_POST["empid"];
- $pass=$_POST["password"];
- $sql= "UPDATE `employee` SET status = 1 WHERE empid= :empid and
- password = :pass ";
- $query = $dbh->prepare($sql);
- $query->bindParam(':empid',$empid,PDO::PARAM_STR);
- $query->bindParam(':pass',$pass,PDO::PARAM_STR);
- $query->execute();
- $sql = "SELECT employee_id, fname, lname, empid, email, password,
- status, role, team, teamcode FROM employee where empid = :empid and
- password = :pass";
- $query = $dbh->prepare($sql);
- $query->bindParam(':empid', $empid, PDO::PARAM_STR);
- $query->bindParam(':pass', $pass, PDO::PARAM_STR);
- $query->execute();
- $row = $query->fetch(PDO::FETCH_BOTH);
- if(is_array($row))
- {
- session_start();
- $_SESSION["empid"]=$empid;
- $_SESSION["role"]=$row["role"];
- $_SESSION["eid"]=$row["empid"];
- $_SESSION["status"]=$row['status'];
- $_SESSION["employee_id"]=$row['employee_id'];
- $_SESSION['uname']=$row['fname']." ".$row['lname'];
- $_SESSION['team']=$row['team'];
- $_SESSION['teamcode']=$row['teamcode'];
- $_SESSION['email']=$row['email'];
- if($_SESSION["role"]=='admin' ){
- $_SESSION['alogin']=$_POST['empid'];
- header("Location:admin/home.php");
- }
- elseif($_SESSION["role"]=='aam' ){
- $_SESSION['tlogin']=$_POST['empid'];
- header("Location:aam/home.php");
- }
- elseif($_SESSION["role"]=='TL' ){
- $_SESSION['tlogin']=$_POST['empid'];
- header("Location:TL/home.php");
- }
- else{
- $_SESSION['emplogin']=$_POST['empid'];
- header("Location:home.php");
- }
- }
- else{
- echo "<script>
- alert('Employee ID or Password Incorrect');
- window.location.href='index.php';
- </script>";
- }
- }
- ?>
- <?php
- include("isvalid.php");
- echo "This is Home Page";
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement