-
Notifications
You must be signed in to change notification settings - Fork 0
/
login.php
66 lines (54 loc) · 1.78 KB
/
login.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
<?php
if(isset($_SESSION['user'])!=""){
header('Location: /home.php');
}
require 'header.php';
if(isset($_POST['btn-login'])){
$user_id = $_POST['uid'];
$password = $_POST['pword'];
echo $password;
$sql = "SELECT EMPLOYEE_ID, PASSWORD, ACTIVE FROM USERS WHERE EMPLOYEE_ID='{$user_id}' AND PASSWORD='{$password}' AND ACTIVE > 0";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
while ($row = $result->fetch_assoc()) {
// printf ("%d -- %s -- %s -- %s",$row["EMPLOYEE_ID"], $row["LAST_NAME"], $row["FIRST_NAME"], $row["PHONE_NUMBER"]);
// echo $row["EMPLOYEE_ID"], " - ", $row["ACTIVE"];
$_SESSION['user'] = $row["EMPLOYEE_ID"];
$_SESSION['access'] = $row["ACTIVE"];
// header('Location: home.php');
}
if ($result->num_rows == 0) {
echo "<script>alert('Wrong user information');</script>";
}
}
$sql = "SELECT DEPARTMENT_ID FROM EMPLOYEES WHERE EMPLOYEE_ID='{$user_id}'";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
while ($row = $result->fetch_assoc()) {
// printf ("%d -- %s -- %s -- %s",$row["EMPLOYEE_ID"], $row["LAST_NAME"], $row["FIRST_NAME"], $row["PHONE_NUMBER"]);
// echo $row["EMPLOYEE_ID"], " - ", $row["ACTIVE"];
$_SESSION['department'] = $row["DEPARTMENT_ID"];
header('Location: home.php');
}
if ($result->num_rows == 0) {
echo "<script>alert('Wrong user information');</script>";
}
}
$conn->close();
}
?>
<h1>Login</h1>
<form action="/login.php" method="post">
<label>
Employee ID
<input type="number" placeholder="Employee ID #" name="uid">
</label>
<label>
Password
<input type="password" placeholder="Password" name="pword">
</label>
<button type="submit" class="button" name="btn-login">Submit</button>
</form>
<?php
require 'footer.php';
?>