-
Notifications
You must be signed in to change notification settings - Fork 0
/
signin.php
128 lines (95 loc) · 3.8 KB
/
signin.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
<?php
$is_invalid = false;
if ($_SERVER["REQUEST_METHOD"] === "POST") {
$mysqli = require __DIR__ . "/database.php";
$sql = sprintf(
"SELECT * FROM users
WHERE email = '%s'",
$mysqli->real_escape_string($_POST["email"])
);
$result = $mysqli->query($sql);
$user = $result->fetch_assoc();
if ($user) {
if (password_verify($_POST["password"], $user["password_hash"])) {
session_start();
session_regenerate_id();
// Check if the isAdmin field in the table users is set to yes for the logged in user
if ($user["isAdmin"] == "yes") {
$_SESSION["isAdmin"] = true;
$_SESSION["isArtist"] = false;
$_SESSION["user_id"] = $user["id"];
header("Location: admin-dashboard.php");
} else if ($user["isArtist"] == "yes") {
$_SESSION["isAdmin"] = false;
$_SESSION["isArtist"] = true;
$_SESSION["user_id"] = $user["id"];
header("Location: artist-dashboard.php");
} else if ($user["isArtist"] == "no" || $user["isArtist"] == NULL) {
$_SESSION["isAdmin"] = false;
$_SESSION["isArtist"] = false;
$_SESSION["user_id"] = $user["id"];
header("Location: home.php");
}
}
}
$is_invalid = true;
}
?>
<!DOCTYPE html>
<html lang='en'>
<head>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Moneylisa | Sign In</title>
<!-- Styling imports -->
<link rel='stylesheet' href='styles/main.css'>
<link rel='stylesheet' href='styles/utility.css'>
</head>
<body>
<main>
<div class='row'>
<!-- Image div -->
<div class='col-lg-6 col-sm-12 col-md-6 mobile-hide'>
<div class='container-fluid'>
<img class='img-lg' style='height: 90vh;' src='assets/images/paddleboard.jpg' alt='Welcome back'>
<p class='manatee'> Levi Vaagenes -
<a class='inline-link' href='https://www.pexels.com/photo/woman-paddleboarding-on-lake-at-sunset-11504431/'>
Paddleboarding
</a>
</p>
</div>
</div>
<!-- Form div -->
<div class='col-lg-6 col-sm-12 col-md-6'>
<div class='header'>
<h1>MoneyLisa</h1>
</div>
<h2>Welcome back</h2>
<?php if ($is_invalid) : ?>
<em class='imperial-red mb-2'>Invalid login</em>
<?php endif; ?>
<form method="post">
<div class='col-lg-6 mb-4'>
<label for="email">Email</label>
<input class='form-control mb-2' type="email" name="email" id="email" value="<?= htmlspecialchars($_POST["email"] ?? "") ?>">
</div>
<div class='col-lg-6 col-sm-12 col-md-6 mb-4'>
<label for="password">Password</label>
<input class='form-control mb-2' type="password" name="password" id="password">
</div>
<p>
Don't have an account yet?
<a class='inline-link' href='signup.php'>
Create an account
</a>
</p>
<button class='btn btn-lg btn-imperial mt-6'>
Sign In
</button>
</form>
</div>
</div>
</main>
</body>
</html>