-
Notifications
You must be signed in to change notification settings - Fork 0
/
Log_employee.php
116 lines (92 loc) · 3.1 KB
/
Log_employee.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
<?php
//
//This script will handle login
session_start();
// check if the user is already logged in
if(isset($_SESSION['username']))
{
header("location: Customer Page.php");
exit ;
}
require_once "config.php";
$username = $password = "";
$err = "";
// if request method is post
if ($_SERVER['REQUEST_METHOD'] == "POST"){
if(empty(trim($_POST['username'])) || empty(trim($_POST['password'])))
{
$err = "Please enter username + password";
}
else{
$username = trim($_POST['username']);
$password = trim($_POST['password']);
}
if(empty($err))
{
$sql = "SELECT id, username, password FROM register WHERE username = ?";
$stmt = mysqli_prepare($conn, $sql);
mysqli_stmt_bind_param($stmt, "s", $param_username);
$param_username = $username;
// Try to execute this statement
if(mysqli_stmt_execute($stmt)){
mysqli_stmt_store_result($stmt);
if(mysqli_stmt_num_rows($stmt) == 1)
{
mysqli_stmt_bind_result($stmt, $id, $username, $hashed_password);
if(mysqli_stmt_fetch($stmt))
{
if(!password_verify($password, $hashed_password)){
echo '<script> alert("username or password is incorrect."); </script>'
;
}
else{
// this means the password is corrct. Allow user to login
session_start();
$_SESSION["username"] = $username;
$_SESSION["id"] = $id;
$_SESSION["loggedin"] = true;
//Redirect user to welcome page
header("location: employee page.php");
}
}
}
}}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Employee Log in page</title>
<link href="css/login.css" rel="stylesheet" type="text/css">
</head>
<body>
<div id="form">
<h1>Log in</h1>
<hr>
<form action="" method="post">
<br>
<div>
<label>Username:</label><input type="email" name="username" placeholder="Email Id">
</div> <div>
<br>
<label>Password:</label><input type="password" name="password" placeholder="Password">
</div>
<br>
<div>
<br>
<a href=""> <button input type="submit" >Log in</button> </a>
</div>
<h3><a href="recover_psw.php">Forgotten password? </a></h3>
<div>
<h3><a href="register.php">Create new account</a></h3>
<hr>
<!-- <h3><a href="admin login.php">Log in as Admin</a></h3>
<h3><a href="employee login.php">Log in as Employee</a></h3> -->
</div>
</form>
</div>
</body>
</html>