}
if (logged_in() && $_SESSION['admin'] == 0) {
header("location:user/user.php");
}
//the form has been filled so we check value entered//
if (isset($_POST["submit"]) && $_POST["submit"] == "Login") {
$errmsg = '';
if (empty($_POST['username']) || empty($_POST['password'])) {
$errmsg = 'All the fields are required<br>';
} else {
$userobj = new User();
$username = trim($_POST["username"]);
$password = trim($_POST["password"]);
if ($userobj->isvaliduser($username, $password)) {
setcookie('user', "{$username}", time() + 60 * 60 * 24 * 30);
$userid = $userobj->get_userid($username);
if ($userid) {
$_SESSION['uid'] = $userid;
}
$admin = $userobj->admin_satus($username);
if ($admin == 1) {
$_SESSION['uid'] = $userid;
$_SESSION['admin'] = $admin;
header("location:admin/admin.php");
exit;
} else {
$_SESSION['uid'] = $userid;
header("location:user/user.php");
exit;
}
} else {
<?php
$base = "../../";
require_once $base . "users.php";
$returndata = array();
//uname, password
if (!isset($_POST['uname']) || !isset($_POST['password'])) {
add_return_data(0, 2, "Both Username and Password need to be posted.");
} else {
$uname = $_POST['uname'];
$password = $_POST['password'];
$user = new User($uname);
if (!$user->checklogin($uname, $password)) {
//Username password incorrect send that json.
add_return_data(0, 3, "Incorrect username or password");
} else {
//Username and password is correct send json to say username password correct and send cookies
$userdata = $user->get_user_data();
$returndata["user"] = $userdata;
$cookies = array("uid" => $user->get_userid(), "hash" => getCookies($user->get_userid()));
$returndata["cookies"] = $cookies;
add_return_data(1, 1, "Logged In!");
}
}
