File: /home/imensosw/matrix.imenso.co/admin/admin_code.php
<?php
require_once '../config.php';
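// Admin login handler. Runs only when the login form was submitted
// (the 'login' field is present in the POST body).
//
// Outcomes, as in the original script:
//   - missing email/password            -> error message, redirect to login.php
//   - no account with role_id 1 found   -> 'Unauthorized User!!', redirect to index.php
//   - admin account, wrong password     -> 'Invalid Email or Password!!', redirect to index.php
//   - admin account, correct password   -> session populated, redirect to assignment.php
//
// Changes from the original:
//   - the email is bound as a statement parameter instead of being concatenated
//     into the SQL text (the concatenation was injectable from an unauthenticated form);
//   - the outcome is decided once, instead of once per joined role row, so a user
//     with several roles can no longer end up with both a session and an error;
//   - the session id is rotated on successful login and the script stops after
//     sending the redirect header.
//
// NOTE(review): the two distinct failure messages let a client tell whether an
// email belongs to an admin account. The wording is kept because other pages may
// display it; consider a single generic message. No attempt limiting is visible here.
if (isset($_POST['login'])) {
    $email = $_POST['email'] ?? null;
    $password = $_POST['password'] ?? null;

    // Defaults describe the "credentials missing" outcome.
    $redirect = 'login.php';
    $error = 'Please enter Email and Password!!';

    // is_string() rejects array-valued fields (email[]=...), which would otherwise
    // reach bind_param()/password_verify() with the wrong type.
    if (is_string($email) && is_string($password) && !empty($email) && !empty($password)) {
        $redirect = 'index.php';
        $error = 'Unauthorized User!!';

        $sql = 'SELECT roles.name as role_name, roles.id as role_id, users.* '
            . 'FROM users '
            . 'INNER JOIN role_user ON users.id = role_user.user_id '
            . 'INNER JOIN roles ON role_user.role_id = roles.id '
            . 'WHERE users.email = ?';

        // $conn comes from config.php; it is used as a mysqli connection here.
        // get_result() needs the mysqlnd driver -- TODO confirm it is available.
        $stmt = $conn->prepare($sql);
        $result = false;
        if ($stmt !== false) {
            $stmt->bind_param('s', $email);
            if ($stmt->execute()) {
                $result = $stmt->get_result();
            }
        }

        // The join yields one row per role; only a row with role_id 1 may log in here.
        $adminRow = null;
        if ($result !== false) {
            while ($row = $result->fetch_assoc()) {
                if ((int) $row['role_id'] === 1) {
                    $adminRow = $row;
                    break;
                }
            }
            $result->free();
        } else {
            // Do not expose database details to the client; record the failure server-side.
            error_log('admin login: user lookup query failed');
        }
        if ($stmt !== false) {
            $stmt->close();
        }

        if ($adminRow !== null) {
            if (password_verify($password, (string) $adminRow['password'])) {
                // Rotate the session id so an id known before authentication
                // does not carry over into the authenticated session.
                if (session_status() === PHP_SESSION_ACTIVE) {
                    session_regenerate_id(true);
                }
                $_SESSION['user_id'] = $adminRow['id'];
                $_SESSION['role_id'] = $adminRow['role_id'];
                $_SESSION['name'] = $adminRow['name'];
                $redirect = 'assignment.php';
                $error = null;
            } else {
                $error = 'Invalid Email or Password!!';
            }
        }
    }

    if ($error !== null) {
        $_SESSION['error'] = $error;
    }
    header('location:' . $redirect);
    // Stop here so nothing after the redirect header is executed or rendered.
    exit;
}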
?>