Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- $serverName = "localhost";
- $userName = "root";
- $userPassword = "1234";
- $dbName = "test";
- $objCon = mysqli_connect($serverName,$userName,$userPassword,$dbName);
- $strSQL = "SELECT * FROM adduser WHERE username = '".mysqli_real_escape_string($objCon,$_POST['uname'])."'
- and password = '".mysqli_real_escape_string($objCon,$_POST['pass'])."'";
- $objQuery = mysqli_query($objCon,$strSQL);
- $objResult = mysqli_fetch_array($objQuery,MYSQLI_ASSOC);
- if(!$objResult)
- {
- echo "Username and Password Incorrect!";
- }
- else
- {
- $_SESSION["id_user"]=$objResult["id_user"];
- $_SESSION["status"]=$objResult["status"];
- session_write_close();
- if($objResult["status"]=="ADMIN")
- {
- header("location:admin.php");
- }
- else
- {
- header("location:user.php");
- }
- }
- mysqli_close($objCon);
Add Comment
Please, Sign In to add comment