-
Notifications
You must be signed in to change notification settings - Fork 0
/
signin_process.php
48 lines (43 loc) · 1.48 KB
/
signin_process.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
<?php
session_start(); // Starting Session
$error=''; // Variable To Store Error Message
if (isset($_POST['submit'])) {
if (empty($_POST['email']) || empty($_POST['password'])) {
$error = "email or Password is invalid";
}
else
{
// Define $username and $password
$customer_username=$_POST['email'];
$customer_password=$_POST['password'];
// Establishing Connection with Server by passing server_name, user_id and password as a parameter
require 'connection.php';
$conn = Connect();
// SQL query to fetch information of registerd users and finds user match.
$query = "SELECT email, password FROM users WHERE email=? AND password=? LIMIT 1";
// To protect MySQL injection for Security purpose
$stmt = $conn->prepare($query);
$stmt -> bind_param("ss", $customer_username, $customer_password);
$stmt -> execute();
$stmt -> bind_result($customer_username, $customer_password);
$stmt -> store_result();
if ($stmt->fetch()) //fetching the contents of the row
{
$sql1 = "SELECT ssn FROM users WHERE email ='$customer_username'";
$result1 = mysqli_query($conn, $sql1);
$row1 = mysqli_fetch_assoc($result1);
$ssn = $row1["ssn"];
$_SESSION['login_customer']=$ssn; // Initializing Session
header("location: index.php"); // Redirecting To Other Page
} else {
echo '<script>';
echo 'alert("Username or Password is invalid");';
echo '</script>';
echo '<script>';
echo 'window.location = "signin.php"';
echo '</script>';
}
mysqli_close($conn); // Closing Connection
}
}
?>