Untitled

<?php
    session_start();

    $host = "localhost";
    $user = "root";
    $pass = "";
    $db = "jobx";

    $email = $_POST['email'];
    $password = $_POST['password'];

    $link = mysqli_connect($host, $user, $pass, $db);


    // STUDENTS'/ REGISTRARS' DETAILS
    $query1 = "SELECT * FROM xuser, xrole WHERE xuser.role_id = xrole.role_id AND email = '$email' AND password = SHA1('$password') ";
    $result1 = mysqli_query($link, $query1) or die(mysqli_error($link));
    $row1 = mysqli_fetch_array($result1);

    $_SESSION['name'] = $row1['name'];
    $_SESSION['email'] = $row1['email'];

    //member role
    if($row1['xuser.roles_id'] == 2){
        echo "<font color='black'>";
        echo "<p>You have successfully logged in as <b>".$role."</b>, <b>".$_SESSION['name']." (".$_SESSION['email'].")</b><p>";
        echo "Your Graduation session details are as the followings:";
        echo "<table border='3' cellpadding='3'>";
        echo "<tr>";
        echo "<td><b>Student ID:</b></td> <td><b>Name:</b></td> <td><b>School (Diploma):</b></td> <td><b>Session ID:</b></td>";
        echo "<td><b>Venue:</b></td> <td><b>Date:</b></td> <td><b>Time:</b></td>";
        echo "</tr>";
        echo "Click here to <a href='rsvp.php'>RSVP</a> now. </font>";
        echo $msg ;
    }

    //admin role
    else if($row1['xuser.roles_id'] == 3){
            echo "<font color='black'>";
        echo "<p>You have successfully logged in as <b>".$role."</b>, <b>(".$_SESSION['email'].")</b>
        <p>Click here to go to <a href = 'admin.html'>Admin </a> Page.</font>";
        echo $msg;
    }

    else{
            echo "<font color='black'>";
        echo "<p>You have entered an invaild username or password.<p>";
        echo "Login <a href ='login.html'>here</a></font> ";
        echo $msg;
    }

?>

</fieldset>
</body>
</html>