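<?php
/**
 * Login page controller.
 *
 * On POST: looks the submitted e-mail up in `users`, recomputes the salted hash
 * with PasswordUtils::hashPassword() and, when it matches an activated account,
 * stores the user row (without salt and password) in the session and redirects.
 * On GET: only prepares $message and $email for the template that follows.
 *
 * Presumably src/config.php provides $db (a PDO handle) and starts the session;
 * neither is visible in this file - confirm.
 */
$debug = false;
$message = "";
// Defined up front so the template can print it on a plain GET without a notice.
$email = "";

include_once('AutoLoader.php');
AutoLoader::registerDirectory('src/classes');
require("src/config.php");

if (!empty($_POST)) {
    // Accept plain strings only: a request may send email[]=x or password[]=x,
    // which would otherwise reach htmlspecialchars() and the hash helper as arrays.
    $submittedEmail = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';
    $submittedPassword = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    // NOTE(review): the lookup still uses the HTML-escaped address, as before. That only
    // matches if registration stores addresses in the same escaped form - confirm against
    // register.php. Escaping belongs at output time, not in the value sent to the database.
    $email = htmlspecialchars($submittedEmail);

    $query = "
        SELECT *
        FROM users
        WHERE
            email = :email
    ";
    $query_params = array(
        ':email' => $email
    );

    try {
        $stmt = $db->prepare($query);
        $stmt->execute($query_params);
    } catch (PDOException $ex) {
        // Driver messages can carry SQL text and schema details: keep them in the
        // server log and show them to the browser only when $debug is switched on.
        error_log("Login query failed: " . $ex->getMessage());
        die($debug ? "Failed to run query: " . $ex->getMessage() : "Failed to run query.");
    }

    // NOTE(review): if config.php does not set an associative default fetch mode, fetch()
    // also returns numeric-index copies of each column, and the unset() below would leave
    // the salt and hash in the session under those indexes - confirm.
    $row = $stmt->fetch();

    $authenticated = false;
    if ($row) {
        $check_password = PasswordUtils::hashPassword($submittedPassword, $row['salt']);
        // hash_equals() compares in constant time and as strings. The previous `==`
        // treated two numeric-looking hashes (e.g. both "0e...") as equal numbers.
        $authenticated = hash_equals((string) $row['password'], (string) $check_password);
    }

    // NOTE(review): nothing in this file limits repeated attempts per account or client.
    if (!$authenticated) {
        // One message for "unknown address" and "wrong password", so the form does not
        // reveal which addresses are registered.
        $message = "Invalid email or password.";
    } elseif ($row['active_user'] == 0) {
        $message = "You must activate your account first.";
    } else {
        unset($row['salt'], $row['password']);

        // Issue a fresh session id at the privilege change so an id planted before
        // login cannot be reused afterwards (session fixation).
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }
        $_SESSION['user'] = $row;

        if ($row['info_added'] == 0) {
            // First login: send the user to the profile form for their role.
            $infoPages = array(
                3 => "src/nurse_info.php",          // nurse
                2 => "src/doctor_info.php",         // doctor
                4 => "src/administrator_info.php",  // admin
            );
            $typeId = $row['user_type_id'];
            $target = isset($infoPages[$typeId]) ? $infoPages[$typeId] : "src/patient_info.php";
            header("Location: " . $target);
            die("Redirecting to: " . $target);
        }

        header("Location: src/home.php");
        die("Redirecting to: home.php");
    }
}
?>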
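<!doctype html>
<html lang="en">
<head>
    <style>.error {color: #FF0000;}</style>
    <meta charset="utf-8">
    <title>Hospital Management</title>
    <meta name="description" content="Hospital management system for Intro to Software Engineering">
    <meta name="author" content="WAL Consulting">
    <?php /* Loaded over HTTPS: a script fetched over plain HTTP on a login page can be
             altered in transit. Serving it from assets/ like bootstrap, or adding an
             integrity attribute, would remove the dependency on the CDN as well. */ ?>
    <script src="https://ajax.googleapis.com/ajax/libs/jquery/2.0.0/jquery.min.js"></script>
    <script src="assets/bootstrap.min.js"></script>
    <link href="assets/bootstrap.min.css" rel="stylesheet" media="screen">
    <link href="assets/styles.css" rel="stylesheet" type="text/css">
</head>
<body>
    <div class="navbar navbar-fixed-top navbar-inverse">
        <div class="navbar-inner">
            <div class="container">
                <a class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse">
                    <span class="icon-bar"></span>
                    <span class="icon-bar"></span>
                    <span class="icon-bar"></span>
                </a>
                <a href="src/home.php" class="brand">Hospital Management</a>
                <div class="nav-collapse collapse">
                    <ul class="nav pull-right">
                        <li><a href="src/register.php">Register</a></li>
                    </ul>
                </div>
            </div>
        </div>
    </div>
    <div class="container hero-unit">
        <h1>Login</h1> <br />
        <?php /* NOTE(review): the form carries no anti-CSRF token. */ ?>
        <form action="index.php" method="post">
            Email:<br/>
            <?php /* Escaped at the point of output and tolerant of $email being unset.
                     double_encode is off because the controller already stores an
                     HTML-escaped value in $email. */ ?>
            <input type="text" name="email" value="<?php echo htmlspecialchars(isset($email) ? $email : '', ENT_QUOTES, 'UTF-8', false); ?>" /><br/>
            Password:<br/>
            <input type="password" name="password" value="" /><br/>
            <span class="error"><?php echo htmlspecialchars(isset($message) ? $message : '', ENT_QUOTES, 'UTF-8'); ?></span>
            <br/>
            <input type="submit" class="btn btn-info" value="Login" />
        </form>
        <a href="src/forgot_password.php">Forgot Password?</a>
    </div>
</body>
</html>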