* Verify Details */ $IP = $_SERVER['REMOTE_ADDR']; $browser = $_SERVER['HTTP_USER_AGENT']; $response = DBAccess::verifyUser($userName, $password, $IP, $browser); if ($response == -1) { $feedBack = "YOUR ACCOUNT HAS BEEN DISABLED"; } else { if ($response > 0) { $details = DBAccess::getUserByUserID($response); // store session data $_SESSION['userID'] = $response; $IP = $_SERVER['REMOTE_ADDR']; $browser = $_SERVER['HTTP_USER_AGENT']; //record login DBAccess::recordLogin($response, $IP, $browser); //redirect based on permission if ($details[0]['Position'] == 1) { header('Location: /admin/'); } elseif ($details[0]['Position'] == 2) { header('Location: /'); } else { header('Location: /index.php'); } } else { $feedBack = "Invalid username or password"; } } } $title = "Login"; $head = "";