<?php
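session_start();
// Provides $conn, the mysqli connection used below. require_once stops the
// script if the file is missing instead of continuing with $conn undefined.
require_once 'includes/db_connection.php';

/*
 * Login handler.
 *
 * On POST, looks up the submitted user_id in the users table, checks the
 * submitted password against the stored one, and on success stores user_id,
 * role and name in the session and redirects to the dashboard for that role.
 * On failure an error message is stored in $_SESSION['error_message'] and the
 * browser is sent back to index.php. Non-POST requests do nothing.
 */
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Accept plain string fields only: a missing field or an array value
    // (user_id[]=...) is treated as empty rather than reaching the query.
    $user_id  = (isset($_POST['user_id']) && is_string($_POST['user_id'])) ? $_POST['user_id'] : '';
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    // The user_id comes from the request, so it is bound as a parameter and
    // never concatenated into the SQL text.
    $user = null;
    $stmt = mysqli_prepare($conn, 'SELECT user_id, password, role, name FROM users WHERE user_id = ?');
    if ($stmt !== false) {
        mysqli_stmt_bind_param($stmt, 's', $user_id);
        if (mysqli_stmt_execute($stmt)) {
            $result = mysqli_stmt_get_result($stmt);
            if ($result !== false) {
                $user = mysqli_fetch_assoc($result); // null when no row matched
            }
        }
        mysqli_stmt_close($stmt);
    } else {
        error_log('authenticate.php: could not prepare the user lookup');
    }

    $authenticated = false;
    // An empty submitted password is always rejected, and a NULL stored
    // password never matches anything.
    if (is_array($user) && is_string($user['password']) && $password !== '') {
        $stored = $user['password'];
        $info = password_get_info($stored);
        if (!empty($info['algo'])) {
            // Stored value is a password_hash() hash.
            $authenticated = password_verify($password, $stored);
        } else {
            // NOTE(review): the stored value is not a recognised hash, so it is
            // compared verbatim, as this script always did. That means the users
            // table holds plaintext passwords; migrate them to password_hash()
            // so this branch can be removed. hash_equals() keeps the comparison
            // constant-time in the meantime.
            $authenticated = hash_equals($stored, $password);
        }
    }

    if ($authenticated) {
        // Issue a fresh session id at the privilege change so an id that was
        // known before login cannot be reused afterwards (session fixation).
        session_regenerate_id(true);

        // Prepared statements return native column types; the cast keeps
        // user_id a string in the session, as the earlier text query did.
        $_SESSION['user_id'] = (string) $user['user_id'];
        $_SESSION['role'] = $user['role'];
        $_SESSION['name'] = $user['name'];

        $dashboards = [
            'admin'   => 'pages/dashboard_admin.php',
            'staff'   => 'pages/dashboard_staff.php',
            'student' => 'pages/dashboard_student.php',
        ];
        $role = $user['role'];
        if (is_string($role) && isset($dashboards[$role])) {
            header('Location: ' . $dashboards[$role]);
            exit;
        }
        // NOTE(review): a role outside the three above still gets a session and
        // lands on index.php, as before. Confirm whether it should be rejected.
    } else {
        // One message for both "no such user" and "wrong password", so the
        // response does not reveal which user IDs exist.
        $_SESSION['error_message'] = 'Invalid user ID or password.';
    }

    // Redirect back to the login page
    header('Location: index.php');
    exit;
}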
?>