public static function login($loginName, $loginPswd)
{
session_unset();
$dbc = DB::getDBConnection();
$query = "SELECT * FROM User WHERE " . loginName . " = ? AND " . loginPswd . " = ? ";
$stmt = $dbc->prepare($query);
$stmt->bind_param("ss", $loginName, $loginPswd);
$stmt->execute();
$result = $stmt->get_result();
$row = $result->fetch_assoc();
if ($result->num_rows <= 0) {
return false;
}
$userNo = getUserNoByLoginName($loginName);
if (!isset($userNo)) {
return false;
}
if (session_status() != PHP_SESSION_ACTIVE) {
session_start();
}
$_SESSION["type"] = getUserType($userNo);
UserControl::$type = getUserType($userNo);
$_SESSION[userNo] = $userNo;
$query = "UPDATE User SET " . loginSession . " = '" . session_id() . "' " . "WHERE " . userNo . " = '{$userNo}'";
if (DB::query($query)) {
return true;
}
}
$custAddr = $_POST['custAddr'];
if (count(getUserNoByLoginName($loginName)) != 0) {
echo "<script> alert('The username already exist!, please change other one!')</script>";
} else {
if ($loginPswd != $rePswd) {
echo "<script> alert('Password and re-enter password must be same!')</script> ";
} else {
if ($custAddr == "") {
echo "<script> alert('Please enter Address!')</script>";
} else {
if (addUser($loginName, $loginPswd)) {
if (regCustomer(getUserNoByLoginName($loginName), $custName, $custGender, $custDOB, $custTel, $custAddr, $distNo)) {
echo "<script> alert('Successful register!')</script>";
unset($_POST);
} else {
delUser(getUserNoByLoginName($loginName));
echo "<script> alert('Unsuccessful register!')</script>";
}
} else {
echo "<script> alert('Unsuccessful register!')</script>";
}
}
}
}
}
?>
<div class="outer">
<div class="middle">
<div class="inner col-50 col-m-100">
<h1>Register</h1>
