Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- function login(){
- global $con, $username, $errors;
- $username = e($_POST['username']);
- $password = e($_POST['password']);
- // make sure form is filled properly
- if (empty($username)) {
- array_push($errors, "Username is required");
- }
- if (empty($password)) {
- array_push($errors, "Password is required");
- }
- // attempt login if no errors on form
- if (count($errors) == 0) {
- $password = md5($password);
- $query = "SELECT fss_OnlineRegister.custid, custemail, password, fss_Customer.user_type FROM fss_OnlineRegister, fss_Customer WHERE custemail='$username' AND password='$password' LIMIT 1";
- $results = mysqli_query($con, $query);
- if (mysqli_num_rows($results) == 1) { // user found
- // check if user is admin or user
- $rows = mysqli_fetch_array($results);
- $logged_in_user = mysqli_fetch_assoc($results);
- if ($rows["user_type"] == "1") {
- $_SESSION['user'] = $rows["custemail"];
- $_SESSION['custid'] = $rows["custid"];
- $_SESSION['success'] = "You are now logged in";
- header('location: admin/index.php');
- }else{
- $_SESSION['user'] = $rows["custemail"];
- $_SESSION['custid'] = $rows["custid"];
- $_SESSION['success'] = "You are now logged in";
- header('location: index.php');
- }
- }else {
- array_push($errors, "Wrong username/password combination");
- }
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement