/** * Function to login for the admin * Function return true if the admin * is successfully identified using provided * username and password, Otherwise return false. * * @param $username * @param $password * @return true if successful login, otherwise false. */ function login($username, $password) { $mysqli = connecttoMysql(); $username = sanitise($username, 40); $password = sanitise($password, 40); //$password = sha1($password); $result = false; //check if there is an error connecting to database if ($mysqli->connect_errno) { echo "Failed to connect to MySql:-> " . $mysqli->connect_error; } /* Create and execute statement to get the result set/Statement Object */ if ($stmt = $mysqli->query("SELECT username, password FROM users WHERE username = '******' AND password = '******'")) { //iterator to match the results while ($row = $stmt->fetch_array(MYSQLI_ASSOC)) { if ($row['username'] == $username && $row['password'] == $password) { $result = true; break; } } } else { echo "Error -> " . $mysqli->error; $result = false; } $mysqli->close(); return $result; }
function getusrInfo($username) { $mysqli = connecttoMysql(); //check if there is an error connecting to database if ($mysqli->connect_errno) { echo "Connection with the database failed"; } $stmt = $mysqli->query("SELECT email, isadmin FROM user WHERE username = '******'"); while ($row = $stmt->fetch_object()) { $email = $row->email; $isadmin = $row->isadmin; } $mysqli->close(); mysqli_free_result($stmt); return array($email, $isadmin); }