File: /home/imensosw/www/imenso.co/dev/data-panel/login_code.php
<?php
require_once 'config.php';
if (isset($_POST['login']))
{
if(isset($_POST['email']) && isset($_POST['password']) && !empty($_POST['email']) && !empty($_POST['password']))
{
//$sql = "SELECT users.* , role_user.role_id FROM users left join role_user on role_user.user_id = users.id WHERE users.email='".$_POST['email']."' group by users.id";
$sql = "SELECT role_user.role_id as role_id, users.* FROM users LEFT JOIN role_user ON users.id = role_user.user_id WHERE users.email='".$_POST['email']."'";
$result = $conn->query($sql);
if(mysqli_num_rows($result)>0)
{
while ($row = $result->fetch_assoc())
{
if($row['role_id']!=1)
{
if (password_verify($_POST['password'], $row['password']))
{
$_SESSION['user_id']= $row['id'];
$_SESSION['role_id']= $row['role_id'];
$_SESSION['name']= $row['name'];
header('location:index.php');
}
else
{
$_SESSION['error'] = 'Invalid Email or Password!!';
header('location:login.php');
}
}
else
{
$_SESSION['error'] = 'Unauthorized User!!';
header('location:login.php');
}
}
}
else{
$_SESSION['error'] = 'Invalid Email or Password!!';
header('location:login.php');
}
}
else{
$_SESSION['error'] = 'Please enter Email and Password!!';
header('location:login.php');
}
}
?>