Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- include '../connect.php';
- session_start();
- function clean($str) {
- $str = @trim($str);
- if(get_magic_quotes_gpc()) {
- $str = stripslashes($str);
- }
- return mysqli_real_escape_string($str);
- }
- //Sanitize the POST values
- $login = clean($_POST['username']);
- $password = clean($_POST['password']);
- //Input Validations
- if($login == '') {
- $errmsg_arr[] = 'Username missing';
- $errflag = true;
- }
- if($password == '') {
- $errmsg_arr[] = 'Password missing';
- $errflag = true;
- }
- //If there are input validations, redirect back to the login form
- //Create query
- $qry="SELECT * FROM table_admin WHERE username='$login' AND password='$password'";
- $result=mysqli_query($qry,$conn);
- //Check whether the query was successful or not
- if($result) {
- if(mysqli_num_rows($result) > 0) {
- //Login Successful
- session_regenerate_id();
- $member = mysql_fetch_assoc($result);
- $_SESSION['SESS_MEMBER_ID'] = $member['id'];
- $_SESSION['SESS_FIRST_NAME'] = $member['name'];
- $_SESSION['SESS_LAST_NAME'] = $member['email'];
- $_SESSION['SESS_PRO_PIC'] = $member['file'];
- session_write_close();
- header("location: index.php");
- exit();
- }else {
- echo '<script language = "javascript">';
- // echo "window.location.href='login.php'";
- echo "alert('Something went wrong, Enter correct details');window.location.href='login.php'";
- echo '</script>';
- exit;
- // echo "<script language = 'javascript'> alert('Wrong Details');'</script>";
- }`enter code here`
- }else {
- die("Query failed");
- }
- ?>
Add Comment
Please, Sign In to add comment