API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jun 17th, 2019
151
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.42 KB | None | 0 0
raw download clone embed print report
  1. if(isset($_POST['submit']))
  2. {
  3. SignIn();
  4. }
  5. function SignIn()
  6. {
  7. session_start(); //starting the session for user profile page
  8. if(!empty($_POST['user'])) //checking the 'user' name which is from Sign-In, is it empty or have some text
  9. {
  10. $query = mysql_query ("SELECT * FROM websiteusers WHERE userName = '$_POST[user]' AND pass = '$_POST[pass]'") or die(" db not available" . mysql_error());
  11. $row = mysql_fetch_array($query) or die(mysql_error());
  12.  
  13.  
  14. if(!empty($row['userName']) and !empty($row['pass']) )
  15. {
  16. if ($row['usertype']=="admin")
  17. {
  18. session_start ();
  19. $_SESSION['name'] = $row['fullname'];
  20. $_SESSION['userID'] = $row['userID'];
  21. header("location:admin.php");
  22. }
  23. elseif ($row['usertype']=='designer')
  24. {
  25. session_start ();
  26. $_SESSION['name'] = $row['fullname'];
  27. $_SESSION['userID'] = $row['userID'];
  28.  
  29.  
  30. header("location:designer.php");
  31.  
  32. }
  33.  
  34. }
  35. else
  36. {
  37. echo "SORRY... YOU ENTERD WRONG ID AND PASSWORD... PLEASE RETRY...";
  38. }
  39. }
  40. }
  41.  
  42. //I hope this die() here is only for testing purpose.
  43. //In a live version available to public, you should use some better way of
  44. //displaying errors such as exception handling
  45. $query = mysql_query ("SELECT * FROM websiteusers WHERE userName = '".mysql_real_escape_string($_POST[user])."' AND pass = '".mysql_real_escape_string($_POST[pass]."'") or die(" db not available" . mysql_error());
  46. if(mysql_num_rows($query)>0){ //this means username and password is found
  47. //the die() here is not needed, since a match is found, it will fetch it
  48. $row = mysql_fetch_array($query) or die(mysql_error());
  49.  
  50. if ($row['usertype']=="admin")
  51. {
  52. session_start ();
  53. $_SESSION['name'] = $row['fullname'];
  54. $_SESSION['userID'] = $row['userID'];
  55. header("location:admin.php");
  56. }
  57. elseif ($row['usertype']=='designer')
  58. {
  59. session_start ();
  60. $_SESSION['name'] = $row['fullname'];
  61. $_SESSION['userID'] = $row['userID'];
  62.  
  63. header("location:designer.php");
  64.  
  65. }
  66.  
  67. }
  68. else //no match for that username and password is found
  69. {
  70. echo "SORRY... YOU ENTERD WRONG ID AND PASSWORD... PLEASE RETRY...";
  71. }
  72. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!