<?php
include 'core/init.inc.php';
if (isset($_POST['studID'], $_POST['password'])) {
$errors = array();
if (empty($_POST['studID'])) {
$errors[] = "Username ID can not be empty.";
}
if (empty($_POST['password'])) {
$errors[] = "Password can not be empty.";
}
if (empty($errors)) {
if (valid_credentials($_POST['studID'], $_POST['password']) === false) {
$errors[] = "UserID and/or Password did not match.";
} else {
$_SESSION['studID'] = $_POST['studID'];
$_SESSION['userName'] = get_userName($_POST['studID']);
$_SESSION['studDept'] = get_userDept($_POST['studID']);
$_SESSION['userGroup'] = get_userGroup($_POST['studID']);
if ($_SESSION['userGroup'] === 'admin') {
header('Location: adminpanel.php');
}
if ($_SESSION['userGroup'] === 'user') {
header('Location: home.php');
}
if ($_SESSION['userGroup'] === 'encoder') {
header('Location: reguser.php');
}
}
}
}
<?php
include 'core/init.inc.php';
if (isset($_SESSION['userGroup'])) {
if ($_SESSION['userGroup'] !== 'admin') {
header('Location: home.php');
}
}
if (isset($_POST['currentPassword'], $_POST['newPassword'], $_POST['newPasswordVerify'])) {
$errPass = "";
$confPass = "";
if (empty($_POST['currentPassword']) || empty($_POST['newPassword']) || empty($_POST['newPasswordVerify'])) {
$errPass = "******";
} else {
$currPass = valid_credentials($_SESSION['studID'], $_POST['currentPassword']);
if ($currPass === false) {
$errPass = "******";
}
if ($_POST['newPassword'] !== $_POST['newPasswordVerify']) {
$errPass = "******";
}
if (empty($errPass)) {
$changed = admin_passChange($_SESSION['studID'], $_POST['newPassword']);
if ($changed) {
$errPass = "******";
}
}
}
}
?>
<!DOCTYPE html>