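<?php
// Login handler for the user form and the admin form.
//
// Reads POSTed credentials, looks the account up by UserIndex, verifies the
// bcrypt hash in column 4 with password_verify(), and on success populates the
// session before redirecting through a meta refresh. The admin form also has to
// present the admin password matching the hash in $ch.
session_start();

include("./include/head_line.inc.php");
include("./include/mysql_connect.inc.php");

// mysqli_set_charset() sends SET NAMES and also tells the client library which
// charset is in use; mysqli_real_escape_string() depends on the latter, which a
// plain "SET NAMES" query does not update.
mysqli_set_charset($conn, "utf8");

// Read a POST field as a string. Missing fields and non-string values (for
// example id[]=x) become '', so later calls never receive null or an array.
$field = function ($key) {
    return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
};

$id = mysqli_real_escape_string($conn, $field('id'));
// NOTE(review): the password is SQL-escaped before password_verify(), so a
// password containing quotes or backslashes is verified in its escaped form.
// Kept as-is because the registration code is not visible here and may hash the
// escaped form too; confirm, then pass the raw value to password_verify().
$pw = mysqli_real_escape_string($conn, $field('pw'));

// NOTE(review): the value is escaped, but a prepared statement
// (mysqli_prepare / mysqli_stmt_bind_param) would remove the dependence on
// escaping and charset state altogether.
$sql = "SELECT * FROM account where UserIndex = '$id'";
$result = mysqli_query($conn, $sql);
// A failed query returns false and an unknown id yields no row; both are
// treated as "no such account" instead of indexing into a non-array.
$row = ($result instanceof mysqli_result) ? mysqli_fetch_row($result) : null;

$storedId   = (is_array($row) && isset($row[1])) ? (string) $row[1] : null;
$storedHash = (is_array($row) && isset($row[4])) ? (string) $row[4] : '';

// Strict comparison: loose == treats numeric strings such as "1" and "1.0" as
// equal, which would let a non-canonical id end up in the session.
$userOk = $id !== ''
    && $pw !== ''
    && $storedId === $id
    && $storedHash !== ''
    && password_verify($pw, $storedHash);

// NOTE(review): the admin credential hash is embedded in source, so it is
// readable by anyone with access to the repository and can only be rotated by a
// deploy. Consider loading it from configuration outside the web root.
$ch = '$2y$10$GnTzWKFrQoWVrbdsKzCuteUMoPWE.urPrDfZluN0mbSmbi2xrWIym';
$adminPw = $field('pw_admin');
$adminPwOk = password_verify($adminPw, $ch);

if ($field('button_admin') !== '' && $adminPwOk) {
    if ($userOk) {
        // Session state is written only after BOTH the admin password and the
        // account password have verified. Previously ID and PS were stored
        // before the account check, so a failed login still left an arbitrary
        // posted id in the session.
        if (!headers_sent()) {
            // Issue a fresh session id on privilege change (session fixation).
            // Skipped when the included header has already flushed output.
            session_regenerate_id(true);
        }
        $_SESSION['ID'] = $id;
        // NOTE(review): PS holds the password hash and admin holds the plaintext
        // admin password. Both keys are kept because other pages may read them;
        // a boolean or role flag would avoid persisting secrets in session storage.
        $_SESSION['PS'] = $row[4];
        $_SESSION['admin'] = $adminPw;
        echo "<img src = './pic/lloginsuccess.png' width='90%' style='display:block; margin:auto;'>";
        echo '<meta http-equiv=REFRESH CONTENT=1;url=delete.php>';
    } else {
        echo "<img src = './pic/lloginFaild.png' width='90%' style='display:block; margin:auto;'>";
        echo '<meta http-equiv=REFRESH CONTENT=1;url=login.php>';
    }
} elseif ($adminPw !== '' && !$adminPwOk) {
    // An admin password was supplied and it is wrong.
    echo "<img src = './pic/lloginFaild.png' width='90%' style='display:block; margin:auto;'>";
    echo '<meta http-equiv=REFRESH CONTENT=1;url=index.php>';
} elseif ($field('button') !== '') {
    if ($userOk) {
        if (!headers_sent()) {
            session_regenerate_id(true);
        }
        $_SESSION['ID'] = $id;
        $_SESSION['PS'] = $row[4];
        echo "<img src = './pic/lloginsuccess.png' width='90%' style='display:block; margin:auto;'>";
        echo '<meta http-equiv=REFRESH CONTENT=1;url=home.php>';
    } else {
        echo "<img src = './pic/lloginFaild.png' width='90%' style='display:block; margin:auto;'>";
        echo '<meta http-equiv=REFRESH CONTENT=1;url=login.php>';
    }
}
?>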