-
Notifications
You must be signed in to change notification settings - Fork 0
/
login.php
54 lines (46 loc) · 1.76 KB
/
login.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
<?php
// Establish a database connection
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "test";
$conn = new mysqli($servername, $username, $password, $dbname);
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
if ($_SERVER["REQUEST_METHOD"] == "POST") {
// Retrieve the user's input from the HTML form
$username = $_POST["username"];
$password = $_POST["password"];
// Query the database to check user credentials and usertype
$sql = "SELECT id, usertype FROM user WHERE username = ? AND password = ?";
$stmt = $conn->prepare($sql);
$stmt->bind_param("ss", $username, $password);
$stmt->execute();
$result = $stmt->get_result();
if ($result->num_rows === 1) {
// User login successful
$row = $result->fetch_assoc();
$userId = $row['id'];
$userType = $row['usertype'];
session_start(); // Start a session (if not already started)
$_SESSION['user_id'] = $userId; // Store the user id in the session
// Redirect based on usertype
if ($userType == 1) {
// User is a regular user, redirect to home.php
header("Location: home.php?id=$userId");
} elseif ($userType == 0) {
// User is an admin, redirect to admindash.php
header("Location: admindash.php?id=$userId");
} else {
// Invalid usertype (handle accordingly)
echo "Invalid usertype";
}
exit(); // Ensure no further code is executed after the redirect
} else {
// Invalid credentials
echo "Login failed. Please check your username and password.";
header("refresh:2;url=index.html");
}
}
?>