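////////////////////////////////////////////////////////////////////////////////
// Admin login handler.
//
// On a POST carrying `login`, looks the account up by user name, checks the
// submitted password against the stored hash, records the identity and the
// privilege level in the session, and redirects to the landing page for that
// privilege level.
////////////////////////////////////////////////////////////////////////////////
session_start();
// NOTE(review): error_reporting(0) silences every warning and notice, which is
// how the unassigned $privilegio in the original query went unnoticed. Prefer
// keeping reporting on and turning display off in production.
error_reporting(0);
include('includes/config.php'); // presumably defines the PDO handle $dbh; confirm

if (isset($_POST['login'])) {
    // Accept only scalar strings; array-valued POST fields are treated as empty.
    $uname = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
    $plain = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    // Select by user name only. The original also filtered on :privilegio, bound
    // to a variable that was never assigned (NULL), so the WHERE clause could
    // never match and the privilege level was never read from the database.
    $sql = "SELECT `UserName`, `Password`, `privilegio` FROM admin WHERE UserName = :uname";
    $query = $dbh->prepare($sql);
    $query->bindParam(':uname', $uname, PDO::PARAM_STR);
    $query->execute();
    $candidates = $query->fetchAll(PDO::FETCH_OBJ);

    $account = null;
    foreach ($candidates as $row) {
        $stored = (string) $row->Password;
        // SECURITY: the stored value is an unsalted MD5 digest, which is not a
        // password hash. Rows migrated to password_hash() are accepted through
        // password_verify(); the legacy MD5 comparison stays only so existing
        // rows keep working and should be removed once they are rehashed.
        // hash_equals() keeps the legacy comparison constant-time.
        if (password_verify($plain, $stored) || hash_equals(strtolower($stored), md5($plain))) {
            $account = $row;
            break;
        }
    }

    if ($account === null) {
        // Failed login: no session state is written.
        header("Location: index.php");
        exit;
    }

    // Issue a fresh session id on privilege change to prevent session fixation.
    session_regenerate_id(true);
    // Take both values from the database row, not from the request.
    $_SESSION['alogin'] = $account->UserName;
    $_SESSION['privilegio'] = $account->privilegio;

    if ($_SESSION['privilegio'] === 'Administrador') {
        header("Location: dashboard.php");
    } elseif ($_SESSION['privilegio'] === 'Empleado') {
        header("Location: medico.php");
    } else {
        header("Location: index.php");
    }
    // Stop here so nothing below the redirect is rendered or executed.
    exit;
}
?>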