<?phpif(!empty($_POST)){ if(isset($_POST["username"]) && isset($_POST["pa

1. <?php
2. if(!empty($_POST)){
3. if(isset($_POST["username"]) && isset($_POST["password"])) {
4. if($_POST["username"] != "" && $_POST["password"] != "") {
5. include "conexion.php";
6.  
7. $user_id = null;
8. $sql1= "select * from user where (username=\"$_POST[username]\" or email=\"$_POST[username]\") and password=\"$_POST[password]\" ";
9. $query = $con->query($sql1);
10.  
11. while ($r=$query->fetch_array()) {
12. $user_id=$r["id"];
13. break;
14. }
15.  
16. if($user_id==null){
17. print "<script>alert(\"Acceso invalido.\");window.location='../login.php';</script>";
18. }
19. else {
20. session_start();
21.  
22. $_SESSION["user_id"] = $user_id;
23. $_SESSION["user_name"] = $r["username"];
24. $_SESSION["user_pass"] = $r["password"];
25. $_SESSION["user_join"] = $r["created_at"];
26.  
27. print "<script>window.location='../home.php';</script>";
28. }
29. }
30. }
31. }
32. ?>