login_handler.php
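<?php
/*
 * Login handler.
 *
 * Expects a POST from the login form with the fields 'Login' (submit marker),
 * 'username', 'password' and 'user_type' ('Customer' or 'Administrator').
 * On a credential match it stores 'login_user' and 'user_type' in the session
 * and redirects to the role's home page; on a mismatch it destroys the session
 * and redirects to login_page.php?msg=failed. Missing fields and requests that
 * are not a form submit are reported in the HTML body below.
 *
 * All session and header work is done before any HTML is written: once output
 * has started, session_start() cannot set its cookie and header() cannot
 * redirect unless output buffering happens to be enabled.
 */

session_start();
// Begin every login attempt with an empty session so nothing from a previous
// user or attempt survives into this one.
$_SESSION = array();

// Per-role credential query and landing page. The role name arrives from the
// client, so it is only ever used as a key into this fixed table.
//
// NOTE(security): both queries compare the submitted password directly with
// the pwd column, which only matches if passwords are stored unhashed.
// Moving to password_hash()/password_verify() needs a schema and data
// migration that cannot be done from this file alone.
$login_routes = array(
    'Customer' => array(
        'query' => "SELECT count(*) FROM Customer where customer_id=? and pwd=?",
        'home'  => 'customer_homepage.php',
    ),
    'Administrator' => array(
        'query' => "SELECT count(*) FROM Admin where admin_id=? and pwd=?",
        'home'  => 'admin_homepage.php',
    ),
);

// HTML fragment shown in the page body when no redirect happens.
$page_message = '';

if (isset($_POST['Login'])) {
    // Form field name => label shown to the user when the field is missing.
    $required_fields = array(
        'username'  => 'Username',
        'password'  => 'Password',
        'user_type' => 'User Type',
    );

    $data_missing = array();
    foreach ($required_fields as $field => $label) {
        // A field sent as an array (username[]=x) is rejected as missing so
        // that trim() and the bound parameters only ever see strings.
        if (empty($_POST[$field]) || !is_string($_POST[$field])) {
            $data_missing[] = $label;
        }
    }

    if (empty($data_missing)) {
        $user_name = trim($_POST['username']);
        $pass_word = $_POST['password'];
        $user_type = $_POST['user_type'];

        $authenticated = false;
        if (isset($login_routes[$user_type])) {
            // presumably defines the mysqli connection $dbc — confirm against the include
            require_once('Database Connection file/mysqli_connect.php');

            $cnt = 0; // stays 0 if the statement cannot be prepared or fetched
            $stmt = mysqli_prepare($dbc, $login_routes[$user_type]['query']);
            if ($stmt !== false) {
                mysqli_stmt_bind_param($stmt, "ss", $user_name, $pass_word);
                mysqli_stmt_execute($stmt);
                mysqli_stmt_bind_result($stmt, $cnt);
                mysqli_stmt_fetch($stmt);
                mysqli_stmt_close($stmt);
            }
            mysqli_close($dbc);

            $authenticated = ((int) $cnt === 1);
        }

        if ($authenticated) {
            // Issue a fresh session id at the privilege change so an id that
            // was known before login cannot be reused afterwards.
            session_regenerate_id(true);
            // The role is recorded only after the credentials were verified.
            $_SESSION['user_type'] = $user_type;
            $_SESSION['login_user'] = $user_name;
            header('Location: ' . $login_routes[$user_type]['home']);
            exit; // stop here so nothing else runs after the redirect
        }

        // Wrong credentials and unknown user types get the same generic failure.
        session_destroy();
        header('Location: login_page.php?msg=failed');
        exit;
    }

    // The labels are fixed strings from $required_fields, not user input,
    // so they can be written into the page as-is.
    $page_message = "The following data fields were empty<br>";
    foreach ($data_missing as $missing) {
        $page_message .= $missing . "<br>";
    }
} else {
    $page_message = "Submit request not received";
}
?>
<html>
<head>
<title>Login Handler</title>
</head>
<body>
<?php echo $page_message; ?>
</body>
</html>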