forked from pira998/LibraryManagementSystem
-
Notifications
You must be signed in to change notification settings - Fork 0
/
server.php
100 lines (64 loc) · 2.49 KB
/
server.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
<?php
session_start();
include '../utility/connection.php';
//intializing variables
$firstname = "";
$lastname ="";
$username ="";
$email = "";
$nic = "";
$errors = array();
// Register Librarians
if(isset($_POST['submit'])){
$firstname = mysqli_real_escape_string($db,$_POST['firstname']);
$lastname = mysqli_real_escape_string($db,$_POST['lastname']);
$username =mysqli_real_escape_string($db,$_POST['username']);
$email=mysqli_real_escape_string($db,$_POST['email']);
$nic=mysqli_real_escape_string($db,$_POST['nic']);
$password_1 = mysqli_real_escape_string($db,$_POST['pass']);
$password_2 = mysqli_real_escape_string($db,$_POST['copass']);
//form validation
if( empty($firstname) ){array_push($errors, "firstname is required");}
if( empty($lastname) ){array_push($errors, "lastname is required");}
if( empty($username) ){array_push($errors, "username is required");}
if( empty($nic) ){array_push($errors, "nic is required");}
if( $password_1 != $password_2){array_push($errors, " Password do not match");}
// check database for existing user with same username
$user_check_query = "SELECT * FROM student_info WHERE username = '$username' or email = '$email' LIMIT 1";
$result = mysqli_query($db,$user_check_query);
$librarian = mysqli_fetch_assoc($result);
if($librarian){
if($librarian['username']===$username){array_push($errors,"Username already exists");}
if($librarian['email']===$username){array_push($errors,"This email id already has a registerd username");}
}
// Register the librarian if no error
if( count($errors)==0){
$password = $password_1;
$query = "INSERT INTO student_info (firstname,lastname,username,email,nic,password,status) VALUES('$firstname','$lastname','$username','$email','$nic','$password','No') ";
mysqli_query($db,$query);
$_SESSION['username' ]== $username;
$_SESSION['success'] == "You are now logged in";header('location: student/index.php');
}
}
if(isset($_POST ["submit1"])){
$count = 0;
$res = mysqli_query($db,"select * from student_info where username='$_POST[username]' && password = '$_POST[pass]' && status='Yes'");
$count = mysqli_num_rows($res);
if($count==0){
?>
<div class="alert alert-danger col-lg-6 col-lg-push-3">
<strong style="color:white">Invalid</strong> Username Or Password.
</div>
<?php
}
else
{
$_SESSION["student"] =$_POST["username"];
?>
<script type="text/javascript">
window.location = "student/index.php"
</script>
<?php
}
}
?>