Pracownia_Pogramowania/projektpp/zaloguj.php

116 lines
3.0 KiB
PHP

<?php
session_start();
if ((!isset($_POST['login'])) || (!isset($_POST['haslo'])))
{
header('Location: login.php');
exit();
}
require_once "connect.php";
$polaczenie = @new mysqli($host, $db_user, $db_password, $db_name);
if ($polaczenie->connect_errno!=0)
{
echo "Error: ".$polaczenie->connect_errno;
}
else
{
$login = $_POST['login'];
$haslo = $_POST['haslo'];
$login = htmlentities($login, ENT_QUOTES, "UTF-8");
if ($rezultat = @$polaczenie->query(
sprintf("SELECT * FROM uzytkownicy WHERE user='%s'",
mysqli_real_escape_string($polaczenie,$login))))
{
$ilu_userow = $rezultat->num_rows;
if($ilu_userow>0)
{
$wiersz = $rezultat->fetch_assoc();
if (password_verify($haslo, $wiersz['pass']))
{
$aa = $wiersz['perm'];
if($aa==1)
{
$_SESSION['zalogowany1'] = true;
$_SESSION['id'] = $wiersz['id'];
$_SESSION['user'] = $wiersz['user'];
$_SESSION['imie'] = $wiersz['imie'];
$_SESSION['nazwisko'] = $wiersz['nazwisko'];
$_SESSION['perm'] = $wiersz['perm'];
$_SESSION['kamien'] = $wiersz['kamien'];
$_SESSION['zboze'] = $wiersz['zboze'];
$_SESSION['email'] = $wiersz['email'];
$_SESSION['dnipremium'] = $wiersz['dnipremium'];
unset($_SESSION['blad']);
$rezultat->free_result();
header('Location: admin.php');
}
elseif($aa==2)
{
$_SESSION['zalogowany2'] = true;
$_SESSION['id'] = $wiersz['id'];
$_SESSION['user'] = $wiersz['user'];
$_SESSION['imie'] = $wiersz['imie'];
$_SESSION['nazwisko'] = $wiersz['nazwisko'];
$_SESSION['perm'] = $wiersz['perm'];
$_SESSION['kamien'] = $wiersz['kamien'];
$_SESSION['zboze'] = $wiersz['zboze'];
$_SESSION['email'] = $wiersz['email'];
$_SESSION['dnipremium'] = $wiersz['dnipremium'];
unset($_SESSION['blad']);
$rezultat->free_result();
header('Location: ucz.php');
}
else
{
$_SESSION['zalogowany3'] = true;
$_SESSION['id'] = $wiersz['id'];
$_SESSION['user'] = $wiersz['user'];
$_SESSION['imie'] = $wiersz['imie'];
$_SESSION['nazwisko'] = $wiersz['nazwisko'];
$_SESSION['perm'] = $wiersz['perm'];
$_SESSION['kamien'] = $wiersz['kamien'];
$_SESSION['zboze'] = $wiersz['zboze'];
$_SESSION['email'] = $wiersz['email'];
$_SESSION['dnipremium'] = $wiersz['dnipremium'];
unset($_SESSION['blad']);
$rezultat->free_result();
header('Location: klient.php');
}
}
else {
$_SESSION['blad'] = '<span style="color:red">Nieprawidłowy login lub hasło!</span>';
header('Location: login.php');
}
}
else {
$_SESSION['blad'] = '<span style="color:red">Nieprawidłowy login lub hasło!</span>';
header('Location: login.php');
}
}
$polaczenie->close();
}
?>