-
Notifications
You must be signed in to change notification settings - Fork 0
/
data-login.php
80 lines (59 loc) · 1.79 KB
/
data-login.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
<?php
/**
* @package
*
* @copyright Copyright (C) 2019, All rights reserved.
* @license MIT License version or later; see licensing/LICENSE.txt
*/
session_start(); // Starting Session
include('data-md5.php');
// $error=''; // Variable To Store Error Message
if (isset($_POST['operation'])) {
if ($_POST['operation'] == "submit_login") {
if (empty($_POST['username']) || empty($_POST['password']))
{
echo "<script>
alertify.alert('Username or Password is empty !').setHeader('Error');
window.location='index.php';
</script>";
}
else
{
login();
}
}
}
function login(){
include('dbconfig.php');
// Define $username and $password
$output = array();
$username=$_POST['username'];
$password=$_POST['password'];
// To protect MySQL injection for Security purpose
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysqli_real_escape_string($conn,$username);
$password = mysqli_real_escape_string($conn,$password);
$input = "$password";
$encrypted = encryptIt($input);
// SQL query to fetch information of registerd users and finds user match.
$query = mysqli_query($conn,"SELECT * FROM `user` WHERE `user_Name` = '$username' AND `user_Pass` = '$encrypted' ");
if (mysqli_num_rows($query) > 0)
{
$rows = mysqli_fetch_assoc($query);
// And error has occured while executing
if ($rows['lvl_ID'])
{
$_SESSION['login_user']=$username; // Initializing Session
// header("location: dashboard/"); //go to dashboard
$output["success"] = "Successfully Login";
}
}
else
{
$output["error"] = "Wrong Username or Password!";
}
echo json_encode($output,true);
mysqli_close($conn); // Closing Connection
}
?>