code/admin_log.php at main · thanhtai1901/code · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
<?php
include "./admin/includes/connect.php";
session_start();

// if (isset($_SESSION["type"])) {
//     header('location:index.php');
// }

//$_SESSION["type"] 0 => user, 1 => admin, 2 => super admin
function redirect($url)
{
    if (!headers_sent()) {
        header('Location: ' . $url);
        exit;
    } else {
        echo '<script type="text/javascript">';
        echo 'window.location.href="' . $url . '";';
        echo '</script>';
        echo '<noscript>';
        echo '<meta http-equiv="refresh" content="0;url=' . $url . '" />';
        echo '</noscript>';
        exit;
    }
}


if ($_SERVER["REQUEST_METHOD"] == "POST") {
    $check               = 1;
    $email               = strtolower($_POST["email"]);
    $password            = $_POST['password'];
    $emailError          = "";
    $passwordError       = "";
    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        $emailError = ("$email is not a valid email address");
        $check = 0;
    }
    if ($email == "") {
        $check = 0;
        $emailError = "The email shouldn't be empty!";
    }
    if ($password == "") {
        $check = 0;
        $passwordError = "The email shouldn't be empty!";
    }

    if ($check == 1) {
        $check_exist = "SELECT * FROM admins WHERE admin_email = '$email'";
        $result = mysqli_query($conn, $check_exist);
        $data = mysqli_fetch_array($result, MYSQLI_NUM);
        if ($check_exist) {
            $sql = "SELECT * FROM admins WHERE admin_email = '$email'";
            $result = mysqli_query($conn, $sql);
            $admins  = mysqli_fetch_all($result, MYSQLI_ASSOC);
            foreach ($admins as $admin) {
                // super admin
                if ($email == $admin["admin_email"] && $password == $admin["admin_password"] && $admin["admin_type"] == 1) {
                    $_SESSION["type"] = 2;
                    $_SESSION["super_admin_id"] = $admin['admin_id'];
                    redirect("admin/index.php");
                    // admin
                } elseif ($email == $admin["admin_email"] && $password == $admin["admin_password"] && $admin["admin_type"] == 0) {
                    $_SESSION["type"] = 1;
                    $_SESSION["admin_id"] = $admin['admin_id'];
                    redirect("admin/index.php");
                } else {
                    $error = "your email or password is wrong";
                }
            }
        } else {
            $error = "your email isnt exist please register";
        }
    }
}

?>

<!DOCTYPE html>
<html>

<head>
    <meta charset="utf-8">
    <title>SignIN</title>
    <meta name="viewport" content="width=device-width, initial-scale=1.0">

    <!-- MATERIAL DESIGN ICONIC FONT -->
    <link rel="stylesheet" href="fonts/material-design-iconic-font/css/material-design-iconic-font.min.css">

    <!-- STYLE CSS -->
    <link rel="stylesheet" href="css/signing_style.css">
</head>

<body>

    <!-- <div class="wrapper" style="background-image: url('images/bg-registration-form-1.jpg');"> -->
        <div class="inner">
            <div class="image-holder">
                <img loading="lazy" src="https://cdn.discordapp.com/attachments/914883219546058815/917071612061319290/registration-form-1.jpg" alt="">
            </div>
            <form method="POST" id="signup_form">
                <h3 id="login_h3">Admin LogIn</h3>
                <div style="color: red;font-weight:bold;" id="pass2Help"><?php echo @$error ?></div>
                <div class="form-wrapper">
                    <input type="email" name="email" placeholder="Email Address" class="form-control" id="signin_email_input" required autofocus auto style="text-transform:lowercase">
                    <i class="zmdi zmdi-email"></i>
                    <div style="color: red;font-weight:bold;" id="emailHelp">
                        <div style="color: red;font-weight:bold;" id="pass2Help"><?php echo @$emailError ?></div>
                    </div>
                </div>
                <div class="form-wrapper">
                    <input type="password" name="password" placeholder="Password" class="form-control" id="signin_pass_input" required>
                    <i class="zmdi zmdi-lock"></i>
                    <div style="color: red;font-weight:bold;" id="passHelp">
                        <div style="color: red;font-weight:bold;" id="pass2Help"><?php echo @$passwordError ?></div>
                    </div>
                </div>
                <button id="signin_insignin_btn" type="submit">LogIn
                    <i class="zmdi zmdi-arrow-right"></i>
                </button>
                <!-- <div class="dont">
                    <span class="dont">Don't have an account? <a class="ms-1 regster-href" href="sign_up.php">Sign up</a> </span>
                </div> -->
            </form>
        </div>
    </div>
</body>

</html>