-
Notifications
You must be signed in to change notification settings - Fork 0
/
login.php
executable file
·122 lines (109 loc) · 3.48 KB
/
login.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
<?php
include_once './admin/functions.php';
if (isset($_SESSION['username'])) {
header("Location: admin/index.php");
}
if(isset($_GET['to'])) {
$to = urldecode(sanitize($_GET['to']));
} else {
$to = '';
}
$login_msg = '';
if (isset($_POST['login_submit'])) {
$username = sanitize($_POST['username']);
$password = sanitize($_POST['password']);
$query = "SELECT * FROM users WHERE username = '$username' LIMIT 1";
$result = mysqli_query($conn, $query);
$count = mysqli_num_rows($result);
if($count > 0) {
while($row = mysqli_fetch_assoc($result)) {
if($row['password'] == $password) {
$_SESSION['username'] = $username;
$_SESSION['role'] = $row['role'];
if($to != '' ) {
redirect($to);
} else {
if($row['role'] == 'admin') {
redirect('admin/index.php');
} else {
redirect('profile.php');
}
}
die();
} else {
$login_msg = 'Password did not match';
}
}
} else {
$login_msg = 'Username or password error.';
}
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<title>User Login</title>
<!-- Tell the browser to be responsive to screen width -->
<meta name="viewport" content="width=device-width, initial-scale=1">
<!-- Font Awesome -->
<link rel="stylesheet" href="admin/assets/plugins/fontawesome-free/css/all.min.css">
<!-- icheck bootstrap -->
<link rel="stylesheet" href="admin/assets/plugins/icheck-bootstrap/icheck-bootstrap.min.css">
<!-- Theme style -->
<link rel="stylesheet" href="admin/assets/css/adminlte.min.css">
</head>
<body class="hold-transition login-page">
<div class="login-box">
<div class="login-logo">
<h3>User Login</h3>
</div>
<!-- /.login-logo -->
<div class="card">
<div class="card-body login-card-body">
<p class="login-box-msg text-danger"><?php echo $login_msg; ?></p>
<p class="login-box-msg text-success"><?php echo (isset($_REQUEST['message']) && $_REQUEST['message'] = "registrationsuccess") ? "Registration successful. Use your uername and password to login." : ""; ?></p>
<form action="" method="post">
<div class="input-group mb-3">
<input type="text" class="form-control" name="username" placeholder="Username" autofocus>
<div class="input-group-append">
<div class="input-group-text">
<span class="fas fa-envelope"></span>
</div>
</div>
</div>
<div class="input-group mb-3">
<input type="password" class="form-control" name="password" placeholder="Password">
<div class="input-group-append">
<div class="input-group-text">
<span class="fas fa-lock"></span>
</div>
</div>
</div>
<div class="row">
<!-- /.col -->
<div class="col-12">
<button type="submit" class="btn btn-info btn-block" name="login_submit">Sign In</button>
</div>
<!-- /.col -->
</div>
</form>
<p class="mt-4 text-center">
<a href="register.php" class="text-center">Register a new account.</a>
</p>
<p class="mt-4 text-center">
<a href="index.php" class="text-center">Back to website</a>
</p>
<!-- /.login-card-body -->
</div>
</div>
<!-- /.login-box -->
<!-- jQuery -->
<script src="admin/assets/plugins/jquery/jquery.min.js"></script>
<!-- Bootstrap 4 -->
<script src="admin/assets/plugins/bootstrap/js/bootstrap.bundle.min.js"></script>
<!-- AdminLTE App -->
<script src="admin/assets/js/adminlte.min.js"></script>
</body>
</html>