-
Notifications
You must be signed in to change notification settings - Fork 1
/
login.php
100 lines (75 loc) · 2.46 KB
/
login.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>Login | The Game of Shares</title>
<link href='css/gfonts.css' rel='stylesheet' type='text/css'>
<link href='css/materialize.min.css' rel='stylesheet' type='text/css' media='screen, projection'>
<link href="css/custom.css" rel="stylesheet" type="text/css">
<link href="css/login.css" rel="stylesheet" type="text/css">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
</head>
<?php
include "conn.inc.php";
if(isLoggedIn())
{
header("Location: index.php");
}
?>
<body>
<div class="navbar-fixed">
<nav>
<div class="nav-wrapper">
<a href="index.php" id="logo" class="brand-logo">The Game Of Shares</a>
<ul id="nav-mobile" class="right ">
<li><a href='register.php'>Register</a></li>
<li><a href='admin.php'> Admin Login</a></li>
</ul>
</div>
</nav>
</div>
<div class="container">
<div id="main">
<form action='login.php' method='post'>
<div class="row">
<div class="input-field col s6">
<input class="validate" placeholder="example@email.com" type='email' id="email" name='email_login' required>
<label for="email">Email</label>
</div>
</div>
<div class="row">
<div class="input-field col s6">
<input class="validate" type='password' id="password" name='password_login' required>
<label for="password">Password</label>
</div>
</div>
<input type='submit' class="btn" value='Login'>
</form>
</div>
<?php
//log in the user if email and pass match with database
if(isset($_POST['email_login']) && isset($_POST['password_login']))
{
$email_login = $_POST['email_login'];
$password_login = md5(filter_var(($_POST['password_login']), FILTER_SANITIZE_STRING));
$email_login = filter_var($email_login, FILTER_SANITIZE_EMAIL);
$query_login = "SELECT id, name from users WHERE username = '$email_login' AND password = '$password_login'";
if($run = mysqli_query($conn, $query_login))
{
if(mysqli_num_rows($run) == 1)
{
$array = mysqli_fetch_assoc($run);
$_SESSION['user_id'] = $array['id'];
$_SESSION['user_name'] = $array['name'];
header("refresh:0,index.php");
}
else
echo "Invalid Username/Password combination.";
}
}
?>
</div>
<script type="text/javascript" src="js/jquery-3.1.0.min.js"></script>
<script type="text/javascript" src="js/materialize.js"></script>
</body>
</html>