login.php
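<?php
include "db.php";
session_start();

// Login endpoint, called by the $("#login").click() handler.
//
// Responses (plain text / HTML fragments read by that handler):
//   "cart_login"    - shopper authenticated and the anonymous cart was merged
//   "login_success" - shopper or administrator authenticated
//   red <span>      - no matching account
//
// Every value that reaches SQL is bound as a statement parameter. The original
// concatenated the raw POST password and the product_list cookie into the
// query text, so both were injection points.
//
// NOTE(review): user_info.password is compared as submitted (it appears to be
// stored in plaintext) and admin_info.admin_password is an unsalted MD5.
// Moving both to password_hash()/password_verify() needs a data migration and
// is therefore not done in this file.

// Looks up exactly one account by e-mail and credential.
// $sql must select two columns (id, display name) and take two string
// placeholders. Returns array("id" => ..., "name" => ...) or null when the
// statement cannot be prepared/executed or the match count is not exactly 1.
$findAccount = static function ($con, $sql, $email, $secret) {
    $stmt = mysqli_prepare($con, $sql);
    if ($stmt === false) {
        // Fail closed: a query that cannot be prepared authenticates nobody.
        return null;
    }

    $account = null;
    $id = null;
    $name = null;
    mysqli_stmt_bind_param($stmt, "ss", $email, $secret);
    if (mysqli_stmt_execute($stmt)) {
        mysqli_stmt_store_result($stmt);
        if (mysqli_stmt_num_rows($stmt) === 1) {
            mysqli_stmt_bind_result($stmt, $id, $name);
            mysqli_stmt_fetch($stmt);
            $account = array("id" => $id, "name" => $name);
        }
    }
    mysqli_stmt_close($stmt);

    return $account;
};

if (isset($_POST["email"]) && isset($_POST["password"])) {
    // Array-valued fields (email[]=...) are not credentials; reject them
    // instead of passing them on to string functions.
    if (!is_string($_POST["email"]) || !is_string($_POST["password"])) {
        echo "<span style='color:red;'>Please register before login..!</span>";
        exit();
    }

    $email = $_POST["email"];
    $password = $_POST["password"];

    $shopper = $findAccount(
        $con,
        "SELECT user_id, first_name FROM user_info WHERE email = ? AND password = ?",
        $email,
        $password
    );

    if ($shopper !== null) {
        // Issue a fresh session id at the privilege change so that an id
        // known before login cannot be reused afterwards (session fixation).
        session_regenerate_id(true);

        // Session state is written only after a successful match; the
        // original wrote it before checking the row count.
        $_SESSION["uid"] = $shopper["id"];
        $_SESSION["name"] = $shopper["name"];
        // Kept from the original: this changes the superglobal for the
        // current request only, it does not send a cookie to the browser.
        $_COOKIE["onshuid"] = $shopper["id"];

        $uid = (int) $shopper["id"];
        $ip_add = (string) getenv("REMOTE_ADDR");

        // login_form.php sets product_list for visitors who filled a cart
        // before signing in; its presence means that cart has to be merged.
        if (isset($_COOKIE["product_list"]) && is_string($_COOKIE["product_list"])) {
            $product_list = json_decode(stripcslashes($_COOKIE["product_list"]), true);
            if (!is_array($product_list)) {
                // Malformed or non-list JSON: nothing to merge.
                $product_list = array();
            }

            $checkStmt = mysqli_prepare($con, "SELECT id FROM cart WHERE user_id = ? AND p_id = ?");
            $claimStmt = mysqli_prepare($con, "UPDATE cart SET user_id = ? WHERE ip_add = ? AND user_id = -1");
            $dropStmt = mysqli_prepare($con, "DELETE FROM cart WHERE user_id = -1 AND ip_add = ? AND p_id = ?");

            if ($checkStmt && $claimStmt && $dropStmt) {
                // Parameters are bound by reference, so assigning $productId
                // inside the loop is enough to change the executed value.
                $productId = 0;
                mysqli_stmt_bind_param($checkStmt, "ii", $uid, $productId);
                mysqli_stmt_bind_param($claimStmt, "is", $uid, $ip_add);
                mysqli_stmt_bind_param($dropStmt, "si", $ip_add, $productId);

                foreach ($product_list as $entry) {
                    // The cookie is client-controlled: only numeric product
                    // ids are accepted, and they are bound as integers.
                    if (!is_numeric($entry)) {
                        continue;
                    }
                    $productId = (int) $entry;

                    mysqli_stmt_execute($checkStmt);
                    mysqli_stmt_store_result($checkStmt);
                    $alreadyInCart = mysqli_stmt_num_rows($checkStmt) > 0;
                    mysqli_stmt_free_result($checkStmt);

                    if (!$alreadyInCart) {
                        // Product not yet in the user's cart: hand the
                        // anonymous rows for this address to the user
                        // (same statement scope as the original UPDATE).
                        mysqli_stmt_execute($claimStmt);
                    } else {
                        // Product already in the user's cart: remove the
                        // anonymous duplicate.
                        mysqli_stmt_execute($dropStmt);
                    }
                }
            }

            foreach (array($checkStmt, $claimStmt, $dropStmt) as $stmt) {
                if ($stmt) {
                    mysqli_stmt_close($stmt);
                }
            }

            // Expire the anonymous-cart cookie now that it has been merged.
            setcookie("product_list", "", strtotime("-1 day"), "/");
            // Login came from the cart flow.
            echo "cart_login";
            exit();
        }

        // Regular login from a page.
        echo "login_success";
        // The original tested !isset() on the Referer, so the header value was
        // never actually used and a request without a Referer produced an
        // empty Location. The redirect stays on the fixed default page rather
        // than trusting a client-supplied header as a redirect target.
        // NOTE(review): header() after echo only takes effect when output
        // buffering is enabled; the original order is kept on purpose.
        header('Location: index.php'); // default page
        exit;
    }

    // No shopper matched: try the administrator table.
    $admin = $findAccount(
        $con,
        "SELECT admin_id, admin_name FROM admin_info WHERE admin_email = ? AND admin_password = ?",
        $email,
        md5($password) // matches the stored format; see the note at the top
    );

    if ($admin !== null) {
        session_regenerate_id(true);
        $_SESSION["uid"] = $admin["id"];
        $_SESSION["name"] = $admin["name"];
        echo "login_success";
        echo "<script> location.href='admin/add_product.php'; </script>";
        exit;
    }

    echo "<span style='color:red;'>Please register before login..!</span>";
    exit();
}
?>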