<?php
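session_start();
/*
login.php

Handles the login form POST: looks up the submitted username in the users
table, compares the stored password hash with the hash of the submitted
password, and on success marks the session as logged in (and as admin when
the user's group is 1) before redirecting to BooKa.php.
*/

// Form fields are untrusted input. Array keys are quoted string literals;
// bare words are undefined constants and fail outright on PHP 8.
// Non-string values (e.g. userName[]=x) are treated as empty so md5() and
// the query binding always receive a string.
$username1 = (isset($_POST['userName']) && is_string($_POST['userName']))
    ? $_POST['userName']
    : '';
$submittedPassword = (isset($_POST['userPassword']) && is_string($_POST['userPassword']))
    ? $_POST['userPassword']
    : '';

// NOTE(review): unsalted MD5 is not a password hash; it is kept here only
// because the stored values in users.password are compared against it.
// Migrating to password_hash()/password_verify() needs the stored hashes
// to be upgraded as well, so it cannot be done in this file alone.
$password = md5($submittedPassword);

// Same truthiness test as the original `!= true`: a missing, empty or "0"
// login field is rejected.
if (empty($_POST['login'])) {
    echo "<h1> That is not allowd!</h1>";
} else {
    include "./inc/dbConnect.php";

    // The username is bound as a parameter instead of being interpolated
    // into the SQL text, so it cannot change the structure of the query.
    // NOTE(review): assumes $db from dbConnect.php is a PDO connection
    // (the original already used ->query()->fetch()); confirm.
    $statement = $db->prepare('SELECT * FROM users WHERE username = ?');
    $statement->execute([$username1]);
    $newinfo = $statement->fetch();

    // fetch() yields no row for an unknown username; treat that as a failed
    // login rather than indexing into a non-array.
    $storedHash = (is_array($newinfo) && isset($newinfo['password']))
        ? (string) $newinfo['password']
        : null;

    // hash_equals() compares the full strings in constant time. The loose
    // `==` it replaces treats two "0e<digits>" hashes as equal numbers.
    if ($storedHash !== null && hash_equals($storedHash, $password)) {
        // Issue a fresh session id at the privilege change so an id that
        // was known before login does not become an authenticated one.
        session_regenerate_id(true);

        $_SESSION['logedin'] = true;
        // Group 1 is the admin group.
        $_SESSION['admin'] = (isset($newinfo['group']) && (int) $newinfo['group'] === 1);

        // sleep() takes whole seconds, so sleep(.5) truncated to no delay;
        // usleep() gives the half second that was intended.
        usleep(500000);
        header('Location: ./BooKa.php');
        // Stop here so nothing further runs or is sent after the redirect.
        exit;
    } else {
        // One message for both an unknown user and a wrong password, so the
        // response does not reveal which usernames exist.
        include "./inc/head.php";
        echo "<h2 class='warning'>Password or Username does not match username.<br />
Klick <a href='./BooKa.php'> here </a> to return. </h2>";
        include "./inc/foot.php";
    }
}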
?>