This repository has been archived by the owner on Oct 4, 2022. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathindex.php
107 lines (98 loc) · 4.82 KB
/
index.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
<?php
require('config.php');
session_start();
?>
<?php include_once "views/partials/header.html"; ?>
<body>
<section>
<div class="container-fluid bg-slider">
<div class="row">
<div class="col-md-4 frost">
<div class="toplayer login-card-body">
<img class="img-fluid mx-auto d-block" src="assets/img/IRIMSLOGO.png" width="95" height="95">
<div class="mt-5 pt-0 pe-5 pb-5 ps-5">
<form class="form" method="post" name="login">
<div class="col mb-3"><label class="form-label col-sm-12 col-form-label rxpress-color fs-5" for="username">Username</label><input class="form-control border-form rounded-pill" type="text" id="username" name="username" required></div>
<div class="col mb-5"><label class="form-label col-sm-12 col-form-label rxpress-color fs-5" for="password">Password</label><input class="form-control border-form rounded-pill" type="password" id="password" name="password" required></div>
<div class="col mb-2"><input class="col-12 btn btn-color rounded-pill fs-5" type="submit" name="submit" value="LOGIN"></div>
<div class="mt-5 text-center"><a class="text-dark text-decoration-none" href="signup.php">DON'T HAVE AN ACCOUNT? SIGN UP</a></div>
</form>
</div>
</div>
</div>
</div>
</div>
</section>
<script>
function errorAlert() {
Swal.fire({
icon: 'error',
title: 'Invalid Login Credentials',
text: 'Incorrect Username or Password!',
confirmButtonColor: "#00A3A8",
})
}
function successCustomer() {
Swal.fire({
title: "Login Successful!",
text: "You have successfully logged in. Redirecting to the products page ",
confirmButtonColor: "#00A3A8",
icon: "success",
}).then((result) => {
if (result['isConfirmed']) {
window.location.href = "/irims/customer-products.php";
}
})
}
function successAdmin() {
Swal.fire({
title: "Login Successful!",
text: "You have successfully logged in. Redirecting to the products page ",
confirmButtonColor: "#00A3A8",
icon: "success",
}).then((result) => {
if (result['isConfirmed']) {
window.location.href = "/irims/admin-products.php";
}
})
}
</script>
<script src="https://cdn.jsdelivr.net/npm/[email protected]/dist/js/bootstrap.min.js" integrity="sha384-QJHtvGhmr9XOIpI6YVutG+2QOK9T+ZnN4kzFN1RtK3zEFEIsxhlmWl5/YESvpZ13" crossorigin="anonymous"></script>
<script src="https://cdn.jsdelivr.net/gh/alumuko/vanilla-datetimerange-picker@latest/dist/vanilla-datetimerange-picker.js"></script>
<script src="https://cdn.jsdelivr.net/momentjs/latest/moment.min.js"></script>
<script src="https://cdn.jsdelivr.net/npm/[email protected]/dist/js/bootstrap.bundle.min.js"></script>
<script src="//cdn.jsdelivr.net/npm/sweetalert2@11"></script>
<?php
// When form submitted, check and create user session.
if (isset($_POST['username'])) {
$username = stripslashes($_REQUEST['username']); // removes backslashes
$username = mysqli_real_escape_string($con, $username);
$password = stripslashes($_REQUEST['password']);
$password = mysqli_real_escape_string($con, $password);
// Check user is exist in the database
$query = "SELECT * FROM user WHERE Username='$username' AND UserPassword='$password'";
$result = mysqli_query($con, $query);
$rows = mysqli_num_rows($result);
if ($rows) {
$isAdmin = mysqli_query($con, "SELECT IsAdmin FROM user WHERE Username='$username' AND UserPassword='$password'") or die(mysql_error());
while ($row = mysqli_fetch_row($isAdmin)) {
$is_admin = $row[0];
}
$_SESSION['username'] = $username;
$sql = "SELECT CONCAT(FirstName, ' ', LastName) as FullName FROM user where Username = '$username'";
$name = mysqli_query($con, $sql) or die(mysql_error());
while ($row = mysqli_fetch_row($name)) {
$_SESSION['name'] = $row[0];
}
if ($is_admin == 1) {
echo "<script>successAdmin()</script>";
} else {
echo "<script>successCustomer()</script>";
}
} else {
echo "<script>errorAlert()</script>";
}
}
?>
</body>
</html>