<?php
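include "db.php";
session_start();
# Login endpoint, called by the anonymous click handler $("#login").click().
# Replies with the plain strings that handler receives: "login_success",
# "cart_login", or an HTML error message when no account matches.
#
# NOTE(review): user_info.password is compared exactly as stored (no hashing is
# applied here) and admin_info.admin_password as an unsalted md5() digest. Both
# should move to password_hash()/password_verify(); that needs the registration
# code and the stored values to change together, so the comparison itself is
# left as it is.
if (isset($_POST["email"]) && isset($_POST["password"])) {
    // Array-valued fields (email[]=...) can never match an account.
    if (!is_string($_POST["email"]) || !is_string($_POST["password"])) {
        echo "<span style='color:red;'>Please register before login..!</span>";
        exit();
    }
    $email = $_POST["email"];
    $password = $_POST["password"];

    // Customer lookup. Email and password are bound as parameters, so neither
    // value can change the shape of the statement.
    $user_count = 0;
    $user_id = null;
    $first_name = null;
    $stmt = mysqli_prepare($con, "SELECT user_id, first_name FROM user_info WHERE email = ? AND password = ?");
    if ($stmt) {
        mysqli_stmt_bind_param($stmt, "ss", $email, $password);
        mysqli_stmt_execute($stmt);
        mysqli_stmt_store_result($stmt);
        $user_count = mysqli_stmt_num_rows($stmt);
        mysqli_stmt_bind_result($stmt, $user_id, $first_name);
        mysqli_stmt_fetch($stmt);
        mysqli_stmt_close($stmt);
    }

    // Exactly one matching record means the credentials are valid.
    if ($user_count == 1) {
        // Issue a fresh session id on login so an id that was fixed before
        // authentication is not carried into the authenticated session.
        session_regenerate_id(true);
        // The session and the client address are set before any cart query
        // needs them. The id is stored as a string, which is what a plain
        // mysqli_query() row would hold.
        $_SESSION["uid"] = (string) $user_id;
        $_SESSION["name"] = $first_name;
        $uid = $_SESSION["uid"];
        // Anonymous cart and wishlist rows are matched on REMOTE_ADDR only, so
        // visitors behind one address share them.
        // NOTE(review): a per-visitor token would be a safer key - confirm with the cart code.
        $ip_add = getenv("REMOTE_ADDR");

        // login_form.php sets this cookie, so its presence means the visitor
        // collected products before logging in.
        if (isset($_COOKIE["product_list"])) {
            // The cookie is client-controlled: accept only a JSON array and
            // only integer product ids from it.
            $decoded = json_decode(stripcslashes($_COOKIE["product_list"]), true);
            $product_list = is_array($decoded) ? $decoded : array();

            $verify_cart = mysqli_prepare($con, "SELECT id FROM cart WHERE user_id = ? AND p_id = ?");
            $delete_existing_product = mysqli_prepare($con, "DELETE FROM cart WHERE user_id = -1 AND ip_add = ? AND p_id = ?");
            $has_new_product = false;
            if ($verify_cart && $delete_existing_product) {
                foreach ($product_list as $item) {
                    $p_id = filter_var($item, FILTER_VALIDATE_INT);
                    if ($p_id === false) {
                        continue;
                    }
                    mysqli_stmt_bind_param($verify_cart, "si", $uid, $p_id);
                    mysqli_stmt_execute($verify_cart);
                    mysqli_stmt_store_result($verify_cart);
                    if (mysqli_stmt_num_rows($verify_cart) < 1) {
                        // Not in the account's cart yet: the anonymous row is claimed below.
                        $has_new_product = true;
                    } else {
                        // Already in the account's cart: drop the anonymous duplicate.
                        mysqli_stmt_bind_param($delete_existing_product, "si", $ip_add, $p_id);
                        mysqli_stmt_execute($delete_existing_product);
                    }
                    mysqli_stmt_free_result($verify_cart);
                }
                mysqli_stmt_close($verify_cart);
                mysqli_stmt_close($delete_existing_product);
            }

            // Claim the remaining anonymous rows once, after the duplicates are
            // gone. Claiming inside the loop would hand over rows that a later
            // iteration was meant to delete.
            if ($has_new_product) {
                $update_cart = mysqli_prepare($con, "UPDATE cart SET user_id = ? WHERE ip_add = ? AND user_id = -1");
                if ($update_cart) {
                    mysqli_stmt_bind_param($update_cart, "ss", $uid, $ip_add);
                    mysqli_stmt_execute($update_cart);
                    mysqli_stmt_close($update_cart);
                }
            }

            // Expire the cookie now that its contents have been merged.
            setcookie("product_list","",strtotime("-1 day"),"/");
            // Logging in from the cart page is reported as cart_login.
            echo "cart_login";
            exit();
        }

        // Plain login: attach the anonymous cart and wishlist rows to the account.
        $cart_ok = false;
        $stmt = mysqli_prepare($con, "UPDATE cart SET user_id = ? WHERE ip_add = ? AND user_id = -1");
        if ($stmt) {
            mysqli_stmt_bind_param($stmt, "ss", $uid, $ip_add);
            $cart_ok = mysqli_stmt_execute($stmt);
            mysqli_stmt_close($stmt);
        }
        if ($cart_ok) {
            echo "login_success";
            $wishlist_ok = false;
            $stmt = mysqli_prepare($con, "UPDATE wishlist SET user_id = ? WHERE ip_add = ? AND user_id = -1");
            if ($stmt) {
                mysqli_stmt_bind_param($stmt, "ss", $uid, $ip_add);
                $wishlist_ok = mysqli_stmt_execute($stmt);
                mysqli_stmt_close($stmt);
            }
            if ($wishlist_ok) {
                // Always go to the default page. The Referer header is not used
                // as a redirect target: it is client-supplied, and a Location
                // header cannot be sent once the response body has started.
                echo "<script> location.href='index.php'; </script>" ;// default page
            }
        }
        exit;
    } else {
        // No customer matched: try the same credentials against the admin table.
        $admin_password = md5($password);
        $admin_count = 0;
        $admin_id = null;
        $admin_name = null;
        $stmt = mysqli_prepare($con, "SELECT admin_id, admin_name FROM admin_info WHERE admin_email = ? AND admin_password = ?");
        if ($stmt) {
            mysqli_stmt_bind_param($stmt, "ss", $email, $admin_password);
            mysqli_stmt_execute($stmt);
            mysqli_stmt_store_result($stmt);
            $admin_count = mysqli_stmt_num_rows($stmt);
            mysqli_stmt_bind_result($stmt, $admin_id, $admin_name);
            mysqli_stmt_fetch($stmt);
            mysqli_stmt_close($stmt);
        }

        if ($admin_count == 1) {
            session_regenerate_id(true);
            // NOTE(review): admins and customers share the "uid" session key, so
            // pages under admin/ need their own role check - confirm they have one.
            $_SESSION["uid"] = (string) $admin_id;
            $_SESSION["name"] = $admin_name;
            echo "login_success";
            echo "<script> location.href='admin/add_products.php'; </script>";
            exit;
        } else {
            echo "<span style='color:red;'>Please register before login..!</span>";
            exit();
        }
    }
}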
?>