AlkantarClanX12

Your IP : 216.73.216.14

Current Path : /home/xdlcxzbz/accountsmtsgroup.com/
Upload File :
Current File : //home/xdlcxzbz/accountsmtsgroup.com/login.php

<?php
session_start();
require_once "SqlConnection/MySqlConnection.php";

if (isset($_POST['email'])){
    $email = $_POST['email'];
    $password = $_POST['password'];
    $type = $_POST['type'];
    $sql;
    if($type=="user"){
        $sql = "SELECT * FROM login WHERE email='".$email."' AND password='".$password."' AND type='user' LIMIT 1";        
    }
    else{
        $sql = "SELECT * FROM login WHERE email='".$email."' AND password='".$password."' AND type='admin' LIMIT 1";
    }    
    $result = mysqli_query($conn,$sql);
    if (mysqli_num_rows($result)==1){

        $userID="";                                        
        $userType= "";                
        while ($row = mysqli_fetch_array($result)) {
            $userID = $row['id'];
            $userType= $row['type'];
        }
        
        
        if($type=="user"){
            $checkLoginRight = "SELECT * FROM rights WHERE id='".$userID."'";   
            $result2 = mysqli_query($conn,$checkLoginRight);
            while ($row = mysqli_fetch_array($result2)) {
                $loginAccess = $row['loginAccess'];            
            }     
            if($loginAccess=="no"){
                header("Location: index.php");
                exit();
            }
        }
        


        $_SESSION['userID'] = $userID;                   
        $_SESSION['userType'] = $userType;                   
        header("Location: index.php");
        exit();
    }
    else{
        header("Location: sign-in.php");
        exit();
    }
}
?>