52 lines
1.6 KiB
PHP
52 lines
1.6 KiB
PHP
<?php
|
|
session_start();
|
|
include "./src/PHP/connection2.php";
|
|
|
|
if (isset($_POST['uname']) && isset($_POST['password'])) {
|
|
function validate($data){
|
|
$data = trim($data);
|
|
$data = stripslashes($data);
|
|
$data = htmlspecialchars($data);
|
|
return $data;
|
|
}
|
|
|
|
$uname = $_POST['uname'];
|
|
$pass = $_POST['password'];
|
|
|
|
if (empty($uname)) {
|
|
header("Location: index.php?error=Username is required");
|
|
exit();
|
|
} else if (empty($pass)) {
|
|
header("Location: index.php?error=Password is required");
|
|
exit();
|
|
} else {
|
|
$sql = "SELECT * from users WHERE user_name=?";
|
|
$stmt = $conn->prepare($sql);
|
|
$stmt->bind_param("s", $uname);
|
|
$stmt->execute();
|
|
$result = $stmt->get_result();
|
|
if (mysqli_num_rows($result) === 1) {
|
|
$row = mysqli_fetch_array($result);
|
|
if ($row['user_name'] === $uname && password_verify($pass, $row['password'])) {
|
|
$_SESSION['user_name'] = $row['user_name'];
|
|
$_SESSION['name'] = $row['name'];
|
|
$_SESSION['id'] = $row['id'];
|
|
$_SESSION['mandt'] = $row['mandt'];
|
|
$_SESSION['admin'] = $row['admin'];?>
|
|
<?php
|
|
header("Location: home.php");
|
|
exit();
|
|
} else {
|
|
header("Location: index.php?error=Incorrect Username or Password");
|
|
exit();
|
|
}
|
|
} else {
|
|
header("Location: index.php?error=Incorrect Username or Password");
|
|
exit();
|
|
}
|
|
}
|
|
} else {
|
|
header("Location: ./index.php");
|
|
exit();
|
|
}
|
|
?>
|