<?phpsession_start();ob_start();include '../config.php';if (isset($_POST['em

1. <?php
2. session_start();
3. ob_start();
4. include '../config.php';
5. if (isset($_POST['email']) && isset($_POST['password'])) {
6. $username = $_POST['email'];
7. $password = $_POST['password'];`enter code here`
8. $username = mysqli_real_escape_string($conn , $username);
9. $password = mysqli_real_escape_string($conn , $password);
10. $password_md5 = md5($password);
11. $query = "select * from admin where `email` = '$username' AND `password` = '$password_md5'";
12. $result = mysqli_query($conn , $query);
13. $row = mysqli_fetch_array($result , MYSQLI_NUM);
14. $rows = mysqli_num_rows($result);
15. if ($rows == 1) {
16. $_SESSION["id"] = $row['id'];
17. $_SESSION["role_id"] = $row['role_id'];
18. //$_SESSION["role"] = $row['role'];
19. $_SESSION["email"] = $row['email'];
20. //$_SESSION['admin'] = "admin";
21. header("Location: dashboard.php?page=dashboard");
22. }else{
23. $fmsg = "invalid username and password";
24. }
25. }
26. ?>
27.  
28.  
29.  
30. <?php
31. $login_session = $_SESSION['id'];
32. $query = "select * from admin where id = '$login_session'";
33. $result = mysqli_query($conn , "$query");
34. $row = mysqli_fetch_array($result , MYSQLI_NUM);
35. ?>
36.  
37. $row = mysqli_fetch_array($result , MYSQLI_ASSOC); //<----change here
38. $rows = mysqli_num_rows($result);
39. if ($rows == 1) {
40. $_SESSION["id"] = $row['id'];
41. $_SESSION["role_id"] = $row['role_id'];
42. //$_SESSION["role"] = $row['role'];
43. $_SESSION["email"] = $row['email'];
44. //$_SESSION['admin'] = "admin";
45. header("Location: dashboard.php?page=dashboard");
46. }else{
47. $fmsg = "invalid username and password";
48. }