} if (logged_in() && $_SESSION['admin'] == 0) { header("location:user/user.php"); } //the form has been filled so we check value entered// if (isset($_POST["submit"]) && $_POST["submit"] == "Login") { $errmsg = ''; if (empty($_POST['username']) || empty($_POST['password'])) { $errmsg = 'All the fields are required<br>'; } else { $userobj = new User(); $username = trim($_POST["username"]); $password = trim($_POST["password"]); if ($userobj->isvaliduser($username, $password)) { setcookie('user', "{$username}", time() + 60 * 60 * 24 * 30); $userid = $userobj->get_userid($username); if ($userid) { $_SESSION['uid'] = $userid; } $admin = $userobj->admin_satus($username); if ($admin == 1) { $_SESSION['uid'] = $userid; $_SESSION['admin'] = $admin; header("location:admin/admin.php"); exit; } else { $_SESSION['uid'] = $userid; header("location:user/user.php"); exit; } } else {
<?php $base = "../../"; require_once $base . "users.php"; $returndata = array(); //uname, password if (!isset($_POST['uname']) || !isset($_POST['password'])) { add_return_data(0, 2, "Both Username and Password need to be posted."); } else { $uname = $_POST['uname']; $password = $_POST['password']; $user = new User($uname); if (!$user->checklogin($uname, $password)) { //Username password incorrect send that json. add_return_data(0, 3, "Incorrect username or password"); } else { //Username and password is correct send json to say username password correct and send cookies $userdata = $user->get_user_data(); $returndata["user"] = $userdata; $cookies = array("uid" => $user->get_userid(), "hash" => getCookies($user->get_userid())); $returndata["cookies"] = $cookies; add_return_data(1, 1, "Logged In!"); } }