<header>
<div class="wrapper">
<nav>
<p>Restaurant Tuscany</p>
<ul>
<li><a href="?page=2">Menu</a></li>
<li><a href="?page=3">Gallery</a></li>
<li><a href="?page=4">Contact</a></li>
<?php
if(isset($_SESSION['username'])){
foreach($userRows as $userRow){
?>
<li><a href='?action=logout'>Logud</a></li>
<?php
}
if(isset($_GET['action'])){
if($_GET['action'] == 'logout'){
restLogout();
}
}
}else{
print '<li><a href="?page=5">Login</a></li>';
}
?>
</ul><!-- ul ends here -->
<div class="clear"></div>
</nav><!-- nav ends here -->
<h1><br>Why travel to Italy<br>to taste the local<br>traditions?</h1>
<div class="circle">
<p><br>Get your<br>
Tuscany<br>
daily special<br>
here</p>
</div><!-- circle ends here -->
</div><!-- wrapper ends here -->
</header><!-- header ends here -->
<?php
if(isset($_SESSION['username'])){
print "<script>window.location.replace('?page=home');</script>";
}else{
?>
<div class="login">
<div class="loginWrapper">
<div id="login">
<div id="triangle"></div>
<h1>Log in</h1>
<form action="" method="POST">
<input type="text" name="username" placeholder="Username" />
<?php
if($_GET['error'] == 2){
print "Wrong Username";
}
?>
<input type="password" name="password" placeholder="Password" />
<?php
if($_GET['error'] == 3){
print "Wrong Password";
}
?>
<input type="submit" name="submit" value="Login" />
</form>
<?php
if($_GET['error'] == 1){
print "All should be field out";
}
//Virker med Admin
if(isset($_POST['submit'])){
$username = $_POST['username'];
$password = hash('sha256', $_POST['password']);
restLogin($username, $password);
}
}
?>
</div>
</div>
</div>
<?php
function restLogin($username, $password){
global $objCon;
if($username != '' && $password != ''){
$checkUser = $objCon->query("SELECT username FROM rest_user WHERE username = '$username' LIMIT 1");
$checkAdmin = $objCon->query("SELECT username, password, userType FROM rest_user WHERE username = '$username' AND password = '$password' AND userType = 1");
$checkPass = $objCon->query("SELECT username, password FROM rest_user WHERE username = '$username' AND password = '$password' LIMIT 1");
if(mysqli_num_rows($checkUser) != 1){
header('Location: ?page=5&error=2');
}elseif(mysqli_num_rows($checkPass) != 1){
header('Location: ?page=5&error=3');
}elseif(mysqli_num_rows($checkAdmin) >= 1){
$_SESSION['username'] = $username;
header('Location: ?page=100');
}else{
$_SESSION['username'] = $username;
header('Location: ?page=200');
}
}else{
header('Location: ?page=5&error=1');
}
}
?>
<?php
function restLogout(){
unset($_SESSION['username']);
header('Location: ?page=home');
}
?>
<?php
if (isset($_GET['action']) && ($_GET['action'] == 'logout') {
restLogout();
}
?>
<header>
<div class="wrapper">
<nav>
<p>Restaurant Tuscany</p>
<ul>
<li><a href="?page=2">Menu</a></li>
<li><a href="?page=3">Gallery</a></li>
<li><a href="?page=4">Contact</a></li>
<?php if (isset($_SESSION['username']) && count($userRows)): ?>
<li><a href='?action=logout'>Logud</a></li>
<?php else: ?>
<li><a href="?page=5">Login</a></li>
<?php endif; ?>
</ul><!-- ul ends here -->
<div class="clear"></div>
</nav><!-- nav ends here -->
<h1><br>Why travel to Italy<br>to taste the local<br>traditions?</h1>
<div class="circle">
<p><br>Get your<br> Tuscany<br> daily special<br> here</p>
</div><!-- circle ends here -->
</div><!-- wrapper ends here -->
</header><!-- header ends here -->
<?php
//Virker med Admin
if (isset($_POST['submit'])) {
$username = $_POST['username'];
$password = hash('sha256', $_POST['password']);
restLogin($username, $password);
}
?>
<?php if (isset($_SESSION['username'])): ?>
<script>window.location.replace('?page=home');</script>
<?php else: ?>
<div class="login">
<div class="loginWrapper">
<div id="login">
<div id="triangle"></div>
<h1>Log in</h1>
<form action="" method="POST">
<input type="text" name="username" placeholder="Username" />
<?php if($_GET['error'] == 2): ?>
Wrong Username
<?php endif; ?>
<input type="password" name="password" placeholder="Password" />
<?php if($_GET['error'] == 3): ?>
Wrong Password
<?php endif; ?>
<input type="submit" name="submit" value="Login" />
</form>
<?php if($_GET['error'] == 1): ?>
All should be field out
<?php endif; ?>
</div>
</div>
</div>
<?php endif; ?>
<?php
function restLogin($username, $password) {
global $objCon;
if ($username != '' && $password != '') {
$checkUser = $objCon->query("SELECT username FROM rest_user WHERE username = '$username' LIMIT 1");
$checkAdmin = $objCon->query("SELECT username, password, userType FROM rest_user WHERE ".
"username = '$username' AND password = '$password' AND userType = 1");
$checkPass = $objCon->query("SELECT username, password FROM rest_user WHERE username = ".
"'$username' AND password = '$password' LIMIT 1");
if (mysqli_num_rows($checkUser) != 1) {
header('Location: ?page=5&error=2');
} elseif (mysqli_num_rows($checkPass) != 1) {
header('Location: ?page=5&error=3');
} elseif (mysqli_num_rows($checkAdmin) >= 1) {
$_SESSION['username'] = $username;
header('Location: ?page=100');
} else {
$_SESSION['username'] = $username;
header('Location: ?page=200');
}
} else {
header('Location: ?page=5&error=1');
}
}
function restLogout() {
unset($_SESSION['username']);
header('Location: ?page=home');
}
?>