<?php
session_start();
require_once './controller/UserCtrl.php';
$b = isset($_COOKIE['uid']) && $_COOKIE['uid'] != '';
$admin = isset($_SESSION['admin']) && $_SESSION['admin'] != '' ? $_SESSION['admin'] : 'abort';
if (!$b) {
echo '<script>window.location.href = "login.php";</script>';
} else {
if (UserCtrl::getType($_COOKIE['uid']) != 1903 || $admin != '^f8fg3j5&(:c3') {
echo '<script>window.location.href = "admin-login.php";</script>';
} else {
$valid = ['admin', '0', '1', '2', '3', '4', '5', '10', '11', '12', '13', '14', '15', '16', '17', '18', '20'];
$page = isset($_GET['p']) ? $_GET['p'] : (isset($_POST['p']) ? $_POST['p'] : null);
if (is_null($page)) {
$content = 'view/dashboard.php';
} else {
if (in_array($page, $valid)) {
switch ($page) {
case '0':
$url = 'a_pretest';
break;
case '1':
$url = 'a_posttest';
break;
case '2':
$url = 'a_survey';
break;
case '3':
$url = 'a_users';
break;
<?php
session_start();
require_once './controller/UserCtrl.php';
$uid = isset($_POST['username']) ? $_POST['username'] : '';
$pwd = isset($_POST['password']) ? $_POST['password'] : '';
if (UserCtrl::getType($_COOKIE['uid']) != 1903) {
echo '<script>window.location.href="index.php";</script>';
}
if ($uid != '' && $pwd != '') {
if (UserCtrl::login(new User($uid, $pwd)) && UserCtrl::getType($uid) == 1903) {
$_SESSION['admin'] = '^f8fg3j5&(:c3';
echo '<script>window.location.href="admin.php";</script>';
} else {
if (UserCtrl::login(new User($uid, $pwd)) && UserCtrl::getType($uid) != 1903) {
setcookie('uid', $uid);
echo '<script>alert("You dont have admin access. Redirect to homepage");</script>';
echo '<script>window.location.href="index.php";</script>';
} else {
echo '<script>alert("Incorrect username/password.");</script>';
}
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
