/**
* Function to login for the admin
* Function return true if the admin
* is successfully identified using provided
* username and password, Otherwise return false.
*
* @param $username
* @param $password
* @return true if successful login, otherwise false.
*/
function login($username, $password)
{
$mysqli = connecttoMysql();
$username = sanitise($username, 40);
$password = sanitise($password, 40);
//$password = sha1($password);
$result = false;
//check if there is an error connecting to database
if ($mysqli->connect_errno) {
echo "Failed to connect to MySql:-> " . $mysqli->connect_error;
}
/* Create and execute statement to get the result set/Statement Object */
if ($stmt = $mysqli->query("SELECT username, password FROM users WHERE username = '******' AND password = '******'")) {
//iterator to match the results
while ($row = $stmt->fetch_array(MYSQLI_ASSOC)) {
if ($row['username'] == $username && $row['password'] == $password) {
$result = true;
break;
}
}
} else {
echo "Error -> " . $mysqli->error;
$result = false;
}
$mysqli->close();
return $result;
}
function getusrInfo($username)
{
$mysqli = connecttoMysql();
//check if there is an error connecting to database
if ($mysqli->connect_errno) {
echo "Connection with the database failed";
}
$stmt = $mysqli->query("SELECT email, isadmin FROM user WHERE username = '******'");
while ($row = $stmt->fetch_object()) {
$email = $row->email;
$isadmin = $row->isadmin;
}
$mysqli->close();
mysqli_free_result($stmt);
return array($email, $isadmin);
}
