-
Notifications
You must be signed in to change notification settings - Fork 0
/
index.php
128 lines (110 loc) · 4.76 KB
/
index.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
<!--this page don't need to connetion.php faizullah firozi-->
<?php
if(!isset($_SESSION)) { session_start(); }
if(isset($_SESSION["login"])){
header("location:home.php");
}
/*mysql connection by faizullah firozi wardak 0780002528*/
$server = "localhost";
$username = "root";
$password = "";
$database = "breshna";
$con = mysqli_connect($server, $username, $password);
mysqli_select_db($con,$database);
// wrapper function
function getValue($value){
global $con;
return mysqli_real_escape_string($con, $value);
}
// code for form validation
$error_username = $error_password = "";
$error = false;
if(isset($_POST["submit"])){
if(!empty($_POST["username"])){
if(strlen($_POST["username"]) < 3){
$error_username = "Your Username must be at least 3 ";
$error = true;
}
}else{
$error_username = " * Please Enter Username ";
$error = true;
}
if(!empty($_POST["password"])){
if(strlen($_POST["password"]) < 3){
$error_password = "Your Password must be at least 3 ";
$error = true;
}
}else{
$error_password = " * Please Enter password ";
$error = true;
}
if(!$error){
$user = getValue($_POST["username"]);
$pass = getValue($_POST["password"]);
$sql = "SELECT * FROM users WHERE user_name ='$user' AND user_password = PASSWORD('$pass') ";
$login = mysqli_query($con, $sql);
$totalrow = mysqli_num_rows($login);
if ($totalrow == 1) {
$row_login = mysqli_fetch_assoc($login);
$_SESSION["login"] = $row_login["employee_id"];
//user level
$level = mysqli_query($con, "SELECT * FROM user_level WHERE employee_id=" . $_SESSION["login"]);
$row_level = mysqli_fetch_assoc($level);
$_SESSION["admin"] = $row_level["admin_level"];
$_SESSION["hr"] = $row_level["hr_level"];
$_SESSION["finance"] = $row_level["finance_level"];
$_SESSION["customer"] = $row_level["customer_level"];
header("location:home.php");
}else{
header("location:index.php?login=failed");
exit();
// error
}
}
}
?>
<?php require_once("top.php"); ?>
<div id="login">
<form method="post">
<h1 align="center" style="margin-bottom: 20px;color:lightblue">Login to breshna MIS</h1>
<!-- message if you not login and go to home or other page -->
<?php if(isset($_GET["notlogin"])) { ?>
<div class="alert alert-warning text-danger p-3 alert-dismissable" >
<button class="close" area-hidden="true" data-dismiss="alert" style="font-size:40px; color:blue">X</button><b>
مهربانی وکړئ لومړی قانونی ورته داخل شئ
</b>
</div>
<?php } ?>
<!-- login error message firozi wardak -->
<?php if(isset($_GET["login"])){ ?>
<div class="alert alert-danger text-center alert-dismissable" style="font-size:18px; color:red">
<button class="close" area-hidden="true" data-dismiss="alert">×</button>
په دقت سره یی ولیکه... دا <b style="font-size:25px;color:blue"> غلت </b> دی
</div>
<?php } ?>
<!-- login form -->
<div class="input-group-text">
<span class="input-group-addon text-success mr-2">Username</span>
<input class="form-control" autocomplete="off" type="text" placeholder="EX: faizullah firozi" name="username">
</div>
<span class="text-danger h5"><?php if($error) { echo $error_username; } ?></span>
<div class="input-group-text mt-2">
<span class="input-group-addon text-success mr-2">Password</span>
<input class="form-control" type="password" placeholder="EX : Wardak tech" name="password">
</div>
<span class="text-danger h5"><?php if($error) { echo $error_password; } ?></span>
<input class="btn btn-outline-warning btn-lg mt-3 btn-block " type="submit" name="submit" value="login">
</form><br>
<div class="text-center">
<img src="images/logo/firozi.jpg" width="200px" class="rounded-circle img-thumbnail">
<span class="spinner-grow text-dark" role="none"></span>
<span class="spinner-grow text-danger" role="none"></span>
<span class="spinner-grow text-success " role="none"></span>
</div>
</div>
</div>
</div>
<div id="footer" class="row navbar navbar-fixed-bottom">Copyright © <?php echo date("Y"); ?> Faizullah firozi </div>
</div>
</body>
</html>