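<?php
// Sign-in handler: validates the posted student ID and password, looks the
// account up through a prepared statement, verifies the stored password hash
// and stores the login in the session before redirecting by role.
session_start();
require_once 'config/db.php'; // presumably provides the PDO handle $conn used below; defined outside this file

// Store a flash error for signin.php, redirect there and stop.
// Exiting after header() keeps any later code from running on a rejected request.
$failSignin = static function (string $message) {
    $_SESSION['error'] = $message;
    header("location: signin.php");
    exit;
};

if (isset($_POST['signin'])) {
    // Request fields are untrusted: a missing key or an array value
    // (e.g. password[]=x) must not reach strlen()/password_verify(),
    // so anything that is not a string is treated as empty.
    $studentID = (isset($_POST['studentID']) && is_string($_POST['studentID'])) ? $_POST['studentID'] : '';
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    if ($studentID === '') {
        $failSignin('กรุณากรอกรหัสนักเรียน');
    }
    if ($password === '') {
        $failSignin('กรุณากรอกรหัสผ่าน');
    }
    // Byte length, as in the original check; kept so it agrees with whatever
    // rule the accounts were created under.
    if (strlen($password) > 20 || strlen($password) < 5) {
        $failSignin('รหัสผ่านต้องมีความยาวระหว่าง 5 ถึง 20 ตัวอักษร');
    }

    try {
        $check_data = $conn->prepare("SELECT * FROM users WHERE studentID = :studentID");
        $check_data->bindValue(":studentID", $studentID);
        $check_data->execute();

        // fetch() returns false when no row matched. rowCount() is not used
        // because PDO does not guarantee it for SELECT on every driver.
        $row = $check_data->fetch(PDO::FETCH_ASSOC);

        // The loose comparison on studentID is retained from the original so
        // numeric IDs keep matching the way they did.
        // NOTE(review): confirm the column type, then make it strict.
        $authenticated = $row !== false
            && $studentID == $row['studentID']
            && password_verify($password, $row['password']);

        if (!$authenticated) {
            // One message for "unknown ID" and "wrong password": distinct
            // messages let a client enumerate which student IDs exist.
            // NOTE(review): an unknown ID still skips password_verify(), so
            // response time can differ; there is also no attempt throttling here.
            $failSignin('รหัสนักเรียนหรือรหัสผ่านไม่ถูกต้อง');
        }

        // Issue a fresh session ID at the privilege change so an ID known
        // before login (session fixation) is no longer valid afterwards.
        session_regenerate_id(true);

        // Drop any login left over from a previous account in this session so
        // a user login cannot coexist with a stale admin marker.
        unset($_SESSION['admin_login'], $_SESSION['user_login'], $_SESSION['studentID']);

        if ($row['urole'] === 'admin') {
            $_SESSION['admin_login'] = $row['id'];
            header("location: admin.php");
        } else {
            $_SESSION['user_login'] = $row['id'];
            $_SESSION['studentID'] = $row['studentID'];
            header("location: user.php");
        }
        exit;
    } catch (PDOException $e) {
        // Driver messages can expose schema and connection details; keep them
        // in the server log and show the user a generic failure instead.
        error_log('signin: ' . $e->getMessage());
        $failSignin('เกิดข้อผิดพลาด กรุณาลองใหม่อีกครั้ง');
    }
}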