-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathindex.php
243 lines (177 loc) · 7.95 KB
/
index.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
<?php
// add this at the start of the script
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
//Deny all overcoming errors
error_reporting (0);
session_start();
//include the connection file
include 'includes/db_conn.php';
if(isset($_POST['jobid']) && isset($_POST['password'])){
$jobid = $_POST['jobid'];
$password = md5($_POST['password']);
//Notify User on Empty Fields Preventing Login
if (empty($jobid)){
header("Location:index?error=Please Input Login ID !!");
} else if(empty($password)){
header("Location:index?error=Please Input Password !!");
} else {
//Perform Select Statement
$stmt = $conn->prepare("SELECT * FROM sensational_useraccounts WHERE jobid=? LIMIT 1");
$stmt->execute([$jobid]);
if ($stmt->rowCount() === 1){
$user = $stmt->fetch();
$user_jobid = $user['jobid'];
$user_role = $user['role'];
$user_username = $user['username'];
$user_password = $user['password'];
//Check for Cashier login Password
if($jobid === $user_jobid && $user_role === 'Cashier'){
if($password === $user_password){
//Session data for Cashier
$_SESSION['user_jobid'] = $user_jobid;
$_SESSION['user_role'] = $user_role;
$_SESSION['user_username'] = $user_username;
header("Location:cashier/home?success= You have Successfully Logged In !!");
echo $_SESSION['user_jobid'];
}else{
header("Location:index?error=Incorrect Password !!");
}
}
//Check for Super Admin login Password
if($jobid === $user_jobid && $user_role === 'Superadmin'){
if($password === $user_password){
//Session data for Cashier
$_SESSION['user_jobid'] = $user_jobid;
$_SESSION['user_role'] = $user_role;
$_SESSION['user_username'] = $user_username;
header("Location:superadmin/home?success= You have Successfully Logged In !!");
echo $_SESSION['user_jobid'];
}else{
header("Location:index?error=Incorrect Password !!");
}
}
//Check for Admin login Password
if($jobid === $user_jobid && $user_role === 'Admin'){
if($password === $user_password){
// session data for Receptionist
$_SESSION['user_jobid'] = $user_jobid;
$_SESSION['user_role'] = $user_role;
$_SESSION['user_username'] = $user_username;
header("Location:admin/home?success= You have Successfully Logged In !!");
echo $_SESSION['user_jobid'];
}else{
header("Location:index?error=Incorrect Password !!");
}
}
//echo error for wrong ID
}else {
header("Location:index?error=Incorrect Login Details !!");
}
}
}
?>
<!doctype html>
<html lang="en">
<head>
<!--====== Required meta tags ======-->
<meta charset="utf-8">
<meta http-equiv="x-ua-compatible" content="ie=edge">
<meta name="description" content="">
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
<!--====== Title ======-->
<title>Sensational -- Beauty -- Parlour </title>
<!--====== Favicon Icon ======-->
<link rel="icon" type="image/ico" href="img/favicon.ico"/>
<!--====== Bootstrap css ======-->
<link rel="stylesheet" href="bootstrap/dist/css/bootstrap.min.css">
<!--====== Fontawesome css ======-->
<link rel="stylesheet" href="bootstrap/dist/fonts/font-awesome.min.css">
<!--====== Style css ======-->
<link rel="stylesheet" href="style.css">
<style>
</style>
</head>
<body>
<!--====== PRELOADER PART START ======-->
<div class="preloader">
<div class="loader rubix-cube">
<div class="layer layer-1"></div>
<div class="layer layer-2"></div>
<div class="layer layer-3 color-1"></div>
<div class="layer layer-4"></div>
<div class="layer layer-5"></div>
<div class="layer layer-6"></div>
<div class="layer layer-7"></div>
<div class="layer layer-8"></div>
</div>
</div>
<!--====== PRELOADER PART START ======-->
<div class="container-fluid">
<div class="row justify-content-center">
<div class="col" style="position:absolute; width:350px;">
<!-- Alert Box for User Logindata Errors -->
<?php if ($_GET['errorlogin']) { ?>
<div class="alert alert-danger fade show" role="alert">
<strong><?=htmlspecialchars($_GET['errorlogin']) ?></strong>
</div>
<?php } ?>
<!-- Alert Box for User Logindata Errors -->
<?php if ($_GET['error']) { ?>
<div class="alert alert-danger fade show" role="alert">
<strong><?=htmlspecialchars($_GET['error']) ?></strong>
</div>
<?php } ?>
<!-- Alert Box for Successful Login -->
<?php if ($_GET['success']) { ?>
<div class="alert alert-info fade show" role="alert">
<strong><?=htmlspecialchars($_GET['success']) ?></strong>
</div>
<?php } ?>
<!-- Alert Box for Successful Password Reset -->
<?php if ($_GET['passwordsuccess']) { ?>
<div class="alert alert-info fade show" style="max-width:wrap-content;max-height:wrap-content;position:relative;margin-top:-20px;font-size:12px;" role="alert">
<strong><?=htmlspecialchars($_GET['passwordsuccess']) ?></strong>
</div>
<?php } ?>
</div>
</div>
</div>
<div class="card">
<img class="login_image" src="img/logo.jpg">
<div class="card-body">
<div class="container-fluid">
<form method="post">
<div class="mb-4">
<input type="text" name="jobid" class="form-control" id="jobid" placeholder="Enter Login ID">
</div>
<div class="mb-4">
<input type="password" name="password" class="form-control" id="password" placeholder="Enter Password">
</div>
<button type="submit" class="btn-sensational">LOGIN</button>
</form>
<div class="py-3">
<a class="reset_password" href="reset_password">Forgot Password?</a>
</div>
</div>
</div>
</div>
<?php
//include the footer file
include 'includes/footer.php';
?>
<!--====== jquery js ======-->
<script src="bootstrap/dist/jquery/modernizr-3.6.0.min.js"></script>
<script src="bootstrap/dist/jquery/jquery-1.12.4.min.js"></script>
<!--====== Bootstrap js ======-->
<script src="bootstrap/dist/js/bootstrap.min.js"></script>
<!--====== Main js ======-->
<script src="main.js"></script>
<!--====== Alert Script ======-->
<script type="text/javascript">
setTimeout (function(){
//closing the alert
$('.alert').alert('close');
}, 3000);
</script>
</body>
</html>