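// Login Ajax Code
// Delegated submit handler: posts the login form with XHR and acts on the JSON
// reply ({ userdata: '' | 'admin' | 'user', message?: string }).
$( "#content" ).on( "submit", "#loginform", function( event ) {
    // Stop normal form behaviour
    event.preventDefault();

    // Retrieve input fields and their values
    var $form = $( this ),
        username = $form.find( "input[name='username']" ).val(),
        userpassword = $form.find( "input[name='userpassword']" ).val(),
        url = $form.attr( "action" );

    // Post above values to the action of the form.
    // The "json" dataType is an argument of $.post(), not of .done(); passing it
    // here makes jQuery parse the body, so no manual JSON.parse() is needed and
    // a malformed reply rejects the request instead of throwing inside the callback.
    var posting = $.post( url, { username: username, userpassword: userpassword }, null, "json" );

    // Show result in a div
    posting.done(function( reply ) {
        // `reply` is a local parameter; the original assigned to an implicit global `obj`.
        if ( reply.userdata === '' ) {
            // .text() inserts the message as plain text, so a reply that ever
            // contains markup cannot inject HTML or script into the page.
            $( "#loginresult" ).empty().slideDown( 'fast' ).text( reply.message );
        } else if ( reply.userdata === 'admin' ) {
            // The role in the reply only selects the landing page; access control
            // has to be enforced server-side on every protected page.
            // NOTE(review): both targets are plain http://, so the session cookie
            // is sent unencrypted unless the site redirects to HTTPS - confirm.
            window.location.href = "http://www.vcaweb.nl/admin";
        } else if ( reply.userdata === 'user' ) {
            window.location.href = "http://www.vcaweb.nl/dashboard";
        }
    });
});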
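<?php
// Login endpoint: checks the posted credentials against the users table, fills
// $_SESSION['userdata'] on success and echoes a JSON object
// {"userdata": "admin" | "user" | "", "message"?: string} for the Ajax caller.
session_start();
*connection class is here*
$conn = new Connection;

// A missing field becomes '' instead of raising an "undefined index" notice.
$username = $_POST['username'] ?? '';
$userpassword = $_POST['userpassword'] ?? '';
*error messages code not relevant*
else{
    //Both filled in, begin logincode:
    // The username is bound as a parameter rather than concatenated into the SQL
    // text, so it can never change the structure of the query.
    // NOTE(review): assumes Connection extends mysqli (the original calls
    // real_escape_string()/query() on it) and that mysqlnd is available for
    // get_result() - confirm.
    $stmt = $conn->prepare('
        SELECT u.id as userid, u.username, u.rights, u.password, c.name, c.userid as companyuid, c.logo
        FROM users u
        LEFT JOIN company c
        ON u.id = c.userid
        WHERE u.username = ?');
    $stmt->bind_param('s', $username);
    $stmt->execute();
    $getuser = $stmt->get_result()->fetch_assoc();

    // fetch_assoc() returns null when no row matches; an unknown user is handled
    // exactly like a wrong password so the reply does not reveal which one failed.
    $storedpassword = is_array($getuser) ? (string) ($getuser['password'] ?? '') : '';

    // password_verify() replaces `$userpassword == $getuser['password']`, which
    // required plaintext passwords in the database and used a loose comparison
    // (two different numeric-looking strings such as "0e1" and "0e2" compare equal).
    // NOTE(review): users.password must hold password_hash() output; existing
    // plaintext rows have to be re-hashed before this is deployed.
    if ($storedpassword !== '' && password_verify($userpassword, $storedpassword)) {
        // Issue a fresh session id on privilege change so an id planted before
        // login (session fixation) is not carried into the authenticated session.
        session_regenerate_id(true);

        // Cast before comparing: prepared statements can return integer columns
        // as int rather than string.
        if ((string) $getuser['rights'] === '1') {
            $_SESSION['userdata']['user'] = 'Mark Kraaijo';
            $_SESSION['userdata']['rights'] = '1';
            $_SESSION['userdata']['logo'] = 'assets/images/logo.png';
            $logindata = array(
                'userdata' => 'admin',
            );
        } else {
            // Store the logo relative to the web root by dropping the
            // filesystem prefix; fall back to placeholder text when none is set.
            if (!empty($getuser['logo'])) {
                $sessionlogo = str_replace('/home/vcaweb/public_html/', '', $getuser['logo']);
            } else {
                $sessionlogo = 'Hier een placeholder';
            }
            $_SESSION['userdata']['user'] = $getuser['name'];
            $_SESSION['userdata']['rights'] = '0';
            $_SESSION['userdata']['logo'] = $sessionlogo;
            $logindata = array(
                'userdata' => 'user',
            );
        }
    } else {
        $logindata = array(
            'userdata' => '',
            'message' => 'Wachtwoord en gebruikersnaam komen niet overeen',
        );
    }

    // Single exit point for the JSON reply (the unused $loginresult array was dropped).
    echo json_encode($logindata);
}
?>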
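// Access guard included by protected pages: requires a logged-in session and,
// when the including page sets $restriction to 'admin', an admin session.
// NOTE(review): session_start() and $restriction are not set in this fragment;
// presumably the including page provides both - confirm.
if (isset($_SESSION['userdata'])) {
    // Fail closed: anything other than rights '1' is refused on an admin page
    // (the original only refused the exact value '0').
    if (($_SESSION['userdata']['rights'] ?? '0') !== '1' && ($restriction ?? '') === 'admin') {
        header('Location: http://www.vcaweb.nl/login');
        // header() only queues the redirect; without exit the rest of the
        // protected page is still executed and sent to the client.
        exit;
    }
    // Logo
    // The path originates from the database, so it is escaped for the HTML
    // attribute context before being placed in the tag.
    $logo = '<img class="headerlogo" src="'
        . htmlspecialchars((string) $_SESSION['userdata']['logo'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
        . '">';
} else {
    // Not logged in: send to the login page and stop rendering.
    header('Location: http://www.vcaweb.nl/login');
    exit;
}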
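// Logout: discard the session data on the server and expire the session cookie
// in the browser.
// session_unset()/session_destroy() only work on an active session, so start
// one if the including code has not done so already.
if (session_status() !== PHP_SESSION_ACTIVE) {
    session_start();
}
session_unset();
// session_destroy() removes the server-side data but leaves the cookie in the
// browser; expire it so the old session id is not presented again.
if (ini_get('session.use_cookies')) {
    $cookie = session_get_cookie_params();
    setcookie(
        session_name(),
        '',
        time() - 42000,
        $cookie['path'],
        $cookie['domain'],
        $cookie['secure'],
        $cookie['httponly']
    );
}
session_destroy();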