I am busy on a login script but i am stuck at the moment with the php code "if" line.
I want to give the rank check a own message that the user isn't allowed because he hasn't the right rank for the admin login. At this moment it gives the message of wrong username or password.
Anybody that can help me with this?
My code:
<?php
session_start();
include_once 'dbconnect.php';
if(isset($_SESSION['userSession']))
{
header("Location: home.php");
exit;
}
if(isset($_POST['btn-login']))
{
$email = $MySQLi_CON->real_escape_string(trim($_POST['user_email']));
$upass = $MySQLi_CON->real_escape_string(trim($_POST['password']));
$query = $MySQLi_CON->query("SELECT user_id, user_email, user_pass, user_rank FROM users WHERE user_email='$email'");
$row=$query->fetch_array();
if(password_verify($upass, $row['user_pass']) && ($row['user_rank'] == '2'))
{
$_SESSION['userSession'] = $row['user_id'];
header("Location: home.php");
}
else
{
$msg = "<div class='alert alert-danger'>
<span class='glyphicon glyphicon-info-sign'></span> email or password does not exists!
</div>";
}
$MySQLi_CON->close();
}
?>
I am a little bit new in the php still.. All help and tips are really welcome and thankfull!
Aucun commentaire:
Enregistrer un commentaire