SHARE
TWEET

Untitled

a guest Jun 17th, 2019 92 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. if(isset($_POST['submit']))
  2. {
  3.     SignIn();
  4. }
  5. function SignIn()
  6. {
  7.     session_start();   //starting the session for user profile page
  8.     if(!empty($_POST['user']))   //checking the 'user' name which is from Sign-In, is it empty or have some text
  9.     {
  10.         $query = mysql_query ("SELECT * FROM websiteusers WHERE userName = '$_POST[user]' AND pass = '$_POST[pass]'") or die(" db not available" . mysql_error());
  11.         $row = mysql_fetch_array($query) or die(mysql_error());
  12.  
  13.  
  14.         if(!empty($row['userName']) and !empty($row['pass']) )
  15.         {
  16.             if ($row['usertype']=="admin")
  17.             {
  18.                 session_start ();
  19.                 $_SESSION['name'] = $row['fullname'];
  20.                 $_SESSION['userID'] = $row['userID'];
  21.                 header("location:admin.php");
  22.             }
  23.             elseif ($row['usertype']=='designer')
  24.             {
  25.                 session_start ();
  26.                 $_SESSION['name'] = $row['fullname'];
  27.                 $_SESSION['userID'] = $row['userID'];
  28.  
  29.  
  30.                 header("location:designer.php");
  31.  
  32.             }
  33.  
  34.         }
  35.         else
  36.         {
  37.             echo "SORRY... YOU ENTERD WRONG ID AND PASSWORD... PLEASE RETRY...";
  38.         }
  39.     }
  40. }
  41.      
  42. //I hope this die() here is only for testing purpose.
  43. //In a live version available to public, you should use some better way of
  44. //displaying errors such as exception handling
  45. $query = mysql_query ("SELECT * FROM websiteusers WHERE userName = '".mysql_real_escape_string($_POST[user])."' AND pass = '".mysql_real_escape_string($_POST[pass]."'") or die(" db not available" . mysql_error());
  46.     if(mysql_num_rows($query)>0){ //this means username and password is found
  47.       //the die() here is not needed, since a match is found, it will fetch it
  48.       $row = mysql_fetch_array($query) or die(mysql_error());
  49.  
  50.         if ($row['usertype']=="admin")
  51.         {
  52.             session_start ();
  53.             $_SESSION['name'] = $row['fullname'];
  54.             $_SESSION['userID'] = $row['userID'];
  55.             header("location:admin.php");
  56.         }
  57.         elseif ($row['usertype']=='designer')
  58.         {
  59.             session_start ();
  60.             $_SESSION['name'] = $row['fullname'];
  61.             $_SESSION['userID'] = $row['userID'];
  62.  
  63.             header("location:designer.php");
  64.  
  65.         }
  66.  
  67.     }
  68.     else //no match for that username and password is found
  69.     {
  70.         echo "SORRY... YOU ENTERD WRONG ID AND PASSWORD... PLEASE RETRY...";
  71.     }
  72. }
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top