-
Notifications
You must be signed in to change notification settings - Fork 0
/
login_action.php
50 lines (41 loc) · 1.18 KB
/
login_action.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
<?php
include("connect.php");
$tbl_name="user_levels"; // Table name
$username=$_POST['username']; // username sent from form
$password=$_POST['password']; // password sent from form
// To protect MySQL injection
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
//Query
$sql="SELECT * FROM $tbl_name WHERE username='$username' and password='$password'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$rows = mysql_fetch_assoc($result);
//Direct pages with different user levels
if ($rows['userlevel'] == '1') {
header('location: dean/index.php'); //User1
session_register("username");
session_register("password");
}
else
if ($rows['userlevel'] == '2') {
header('location: registrar/index.php'); //User2
session_register("username");
session_register("password");
}
else
if ($rows['userlevel'] == '3') {
header('location: faculty/index.php'); //user 3
session_register("username");
session_register("password");
}
else
{
// Error login
echo "<script>alert('Access Denied!');
window.location='login.php';
</script>";
}
?>