<?php
include("config.php");
session_start();
?>
<?php
if(isset($_POST['user_login']))
{
$username=$_POST['username'];
$password=$_POST['password'];
$stmt = $DB_con->prepare("SELECT user_name,user_password,role FROM users WHERE user_name=:username");
$stmt->bindParam(':username', $username, PDO::PARAM_STR);
$stmt->execute();
$user=$stmt->fetch(PDO::FETCH_BOTH);
if($user && $user['role']=="Trader" && password_verify($password,$user['user_password']))
{
?>
<script>
alert('You have succesfully logged in please continue with your Administation managements');
window.location.href='../Admin/index';
</script>
<?php
$_SESSION['admin']=$username;
}
elseif($user && $user['role']=="Admin" && password_verify($password,$user['user_password']))
{
?>
<script>
alert('You have succesfully logged in please continue with your Administation managements');
window.location.href='../Admin/index';
</script>
<?php
$_SESSION['admin']=$username;
}
else
{
?>
<script>
alert('Sorry the details you entered are not correct please re_enter the correct details');
window.location.href='../index';
</script>
<?php
exit();
}
}
?>
Admin Edit: Fixed Code Tags