<?php
require_once('database/connection.php');
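if (isset($_POST['submit'])) {
    // Handle a submitted login form: look the user up, verify the password,
    // populate the session and send the browser to the dashboard for the role.

    // Credentials are taken raw and bound as statement parameters below.
    // The password must not be SQL-escaped: escaping changes the bytes passed to
    // password_verify() and rejects valid passwords containing quotes or backslashes.
    // Non-string values (e.g. username[]=x) are treated as empty.
    $username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    date_default_timezone_set('Asia/Bangkok');
    $Newtime = date('Y-m-d H:i:s');
    $Newtime1 = date('Y-m-d H:i:s');

    // Parameterized lookup instead of string-built SQL.
    // NOTE(review): get_result() needs the mysqlnd driver, and with prepared
    // statements integer columns may come back as PHP ints rather than strings —
    // confirm pages that read $_SESSION['id'] do not depend on it being a string.
    $row = null;
    $select = $conn->prepare("SELECT * FROM `user` WHERE `username` = ?");
    if ($select !== false) {
        $select->bind_param('s', $username);
        if ($select->execute()) {
            $result = $select->get_result();
            if ($result !== false) {
                $row = $result->fetch_assoc();
            }
        }
        $select->close();
    }

    // NOTE(review): the two failure branches below show different messages, which
    // lets a client tell "unknown username" from "wrong password"; consider one message.
    if (!empty($row)) {
        if (password_verify($password, (string) $row['password'])) {
            // Issue a fresh session ID on successful login so an ID set before
            // authentication is not carried into the authenticated session.
            if (session_status() === PHP_SESSION_ACTIVE) {
                session_regenerate_id(true);
            }

            // Record the login time; best effort, as in the original (result not checked).
            $update = $conn->prepare("UPDATE `user` SET updated_at = ?, updated_dt = ? WHERE `username` = ?");
            if ($update !== false) {
                $update->bind_param('sss', $Newtime, $Newtime1, $username);
                $update->execute();
                $update->close();
            }

            $_SESSION['id'] = $row['id'];
            $_SESSION['firstname'] = $row['firstname'];
            $_SESSION['lastname'] = $row['lastname'];
            $_SESSION['username'] = $row['username'];
            // NOTE(review): the password hash does not need to live in the session;
            // kept only because other pages may read this key — remove once confirmed unused.
            $_SESSION['password'] = $row['password'];
            $_SESSION['image'] = $row['image'];
            $_SESSION['created_at'] = $row['created_at'];
            $_SESSION['updated_at'] = $Newtime;
            $_SESSION['updated_dt'] = $Newtime1;
            $_SESSION['status'] = $row['status'];
            session_write_close();

            // Redirect by role; any other status value produces no output, as before.
            $status = $row['status'];
            if ($status === 'admin') {
                echo "<script>alert('เข้าสู่ระบบสำเร็จ...'); window.location ='../cmssystem/pages/admin/dashboard/';</script>";
            }
            if ($status === 'member') {
                echo "<script>alert('เข้าสู่ระบบสำเร็จ...'); window.location ='../cmssystem/pages/users/dashboard/';</script>";
            }
        } else {
            // Send the header before any output; after echo it fails with
            // "headers already sent" unless output buffering is enabled.
            header('Refresh:0; url=index.php');
            echo '<script> alert("username หรือ password ไม่ถูกต้อง") </script>';
        }
    } else {
        // No matching row (or the lookup failed): same response as the original.
        header("Refresh:0");
        echo '<script> alert("ไม่สามารถเข้าสู่ระบบได้โปรดกรอกข้อมูลใหม่อีกครั้ง")</script>';
    }
}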
?>
อัปเดต: เผื่อท่านอื่นต้องการป้องกันการกด back ย้อนกลับ
ให้ปิดท้ายด้วย unset($_SESSION['example']);
Code (login)
// Removes the 'example' entry from the session, so a later
// isset($_SESSION['example']) check evaluates to false.
unset($_SESSION['example']);
Code (pages admin or member)
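// Page guard: send the visitor to the login page unless the session marks them as admin.
// On member pages, compare against "member" instead of "admin".
// NOTE(review): 'example' looks like a placeholder for the real session key (the login
// script on this page stores the role in $_SESSION['status']) — confirm before use.
// NOTE(review): $_SESSION is only populated after session_start(); no call is visible here.
$example = isset($_SESSION['example']) ? $_SESSION['example'] : '';
// Strict comparison: with != a non-string value such as true compares equal to "admin".
if ($example !== "admin")
{
    header('location:ilogin.php');
    exit(); // stop here so the rest of the protected page is never rendered
}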