Hi all,
Use this code
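<?php
// Login handler: checks the posted username/password against tbl_login,
// stores the account type and username in the session on success, and
// redirects the browser to the landing page for that account type.
//
// Input:  $_POST['username'], $_POST['password']
// Needs:  dbconnect.php, which is expected to define the MySQLi link $con
// Output: a <script> redirect to adminhome.php / userhome.php /
//         facultyhome.php, or back to index.php with an error message.

// Accept only plain strings. A missing field or an array value
// (e.g. username[]=x) is treated as an empty credential instead of raising
// a notice or failing at bind time.
$username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
$password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

// Create connection using MySQLi
include('dbconnect.php');
if (!$con) {
    // Keep driver details in the server log; the client gets a generic message.
    error_log('Login: database connection failed: ' . mysqli_connect_error());
    die('Could not connect');
}

// Account types that may log in, mapped to their landing pages.
$landingPages = [
    'admin'   => 'adminhome.php',
    'user'    => 'userhome.php',
    'faculty' => 'facultyhome.php',
];

$flag = 0;
$type = '';

// Prepared statement: the credentials are bound as parameters and never become
// part of the SQL text. Counting apostrophes in the input was not a defence
// (the query still ran with the raw values), so that filter is gone and values
// containing quotes are simply treated as data.
//
// NOTE(review): lg_password is compared with the submitted value as-is, which
// suggests passwords are stored unhashed - confirm against the schema. If so,
// store password_hash() output and check it with password_verify() instead of
// matching the password in SQL.
$stmt = mysqli_prepare(
    $con,
    "SELECT lg_type FROM tbl_login WHERE lg_username = ? AND lg_password = ? AND lg_status = '1'"
);
if ($stmt === false) {
    error_log('Login: could not prepare query: ' . mysqli_error($con));
} else {
    mysqli_stmt_bind_param($stmt, 'ss', $username, $password);
    if (mysqli_stmt_execute($stmt)) {
        mysqli_stmt_bind_result($stmt, $rowType);
        // If several rows match, the last one decides the type, as before.
        while (mysqli_stmt_fetch($stmt)) {
            $flag = 1;
            $type = (string) $rowType;
        }
    } else {
        error_log('Login: query failed: ' . mysqli_stmt_error($stmt));
    }
    mysqli_stmt_close($stmt);
}

// Close the connection
mysqli_close($con);

// The SQL text, match flag and account type are no longer echoed: that debug
// output put the submitted password into the response body.
if ($flag === 1 && isset($landingPages[$type])) {
    // A session is created only for a login that is actually accepted.
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    // Issue a fresh session id at the privilege change so an id set before
    // login cannot be reused afterwards (session fixation).
    session_regenerate_id(true);
    $_SESSION['user'] = $type; // store session data
    $_SESSION['username'] = $username;
    echo "<script>location.href='" . $landingPages[$type] . "'</script>";
} else {
    // Same generic message for every failure, so the response does not reveal
    // whether the username exists.
    echo "<script>location.href='index.php?msg=Invalid Username or Password'</script>";
}
?>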