<?php # admin/login.php?psw=123&email=diana@mail.pt
$username=addslashes($_POST['email']);
$psw=sha1($_POST['psw']);
$table="v_login";
$sql="SELECT idUsername, idPrivilegio FROM $table
WHERE username ='$username' AND psw = '$psw'";
require_once("connection.php"); # $con
$query=mysqli_query($con, $sql) or die ($sql);
$total=mysqli_num_rows($query);
if($total==1){
$fetch=mysqli_fetch_assoc($query);
if(!isset($_SESSION)) { session_start(); }
$_SESSION['username']=$username;
$_SESSION['idUsername']=$fetch['idUsername'];
$_SESSION['idPrivilegio']=$fetch['idPrivilegio'];
$path="cPanel.php";
$idUsername=$_SESSION['idUsername'];
$sql="INSERT INTO tb_login (idUsername)
VALUES ('$idUsername')";
# mysqli_query($con, $sql) or die($sql);
} else {
$path="login.html?msg=semLogin";
}
header("Location:$path");
?>
Sem comentários:
Enviar um comentário