<?php
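session_start();
require('connect.php');

// Login handler. Runs only when both form fields were posted as plain strings
// (an array-valued field such as username[]=x is ignored rather than used).
if (isset($_POST['username'], $_POST['password'])
    && is_string($_POST['username'])
    && is_string($_POST['password'])
) {
    $username = $_POST['username'];
    $password = $_POST['password'];

    // The username is passed as a bound parameter, so request data never becomes
    // part of the SQL text. One lookup replaces the three original queries, which
    // also loaded every admin and every banned account on each login attempt.
    $stmt = mysqli_prepare(
        $connection,
        "SELECT username, password, role, ban FROM users WHERE username = ?"
    );
    if ($stmt === false
        || !mysqli_stmt_bind_param($stmt, 's', $username)
        || !mysqli_stmt_execute($stmt)
        || !mysqli_stmt_bind_result($stmt, $dbUsername, $dbPassword, $dbRole, $dbBan)
    ) {
        // Keep database error details in the server log instead of sending them
        // to the client, where they would reveal schema and query structure.
        error_log('login: user lookup failed: ' . mysqli_error($connection));
        http_response_code(500);
        die("Ошибка");
    }
    $found = mysqli_stmt_fetch($stmt) === true;
    mysqli_stmt_close($stmt);

    $stored = $found ? (string) $dbPassword : '';
    if (!empty(password_get_info($stored)['algo'])) {
        // Stored value is a password_hash() digest.
        $passwordOk = password_verify($password, $stored);
    } else {
        // NOTE(review): the original query compared the submitted password with the
        // column directly, so passwords appear to be stored in plaintext. This branch
        // keeps such accounts working; registration should store password_hash()
        // output so that a database leak does not disclose every password.
        $passwordOk = $found && hash_equals($stored, $password);
    }

    if (!$passwordOk) {
        // Same outcome for an unknown user and a wrong password.
        $fsmsg = "Ошибка";
    } elseif ((string) $dbBan === '1') {
        // The ban is reported only after the password was verified, so the form
        // cannot be used to find out which usernames exist or are banned.
        $_SESSION['m'] = "Пользователь заблокирован";
    } else {
        // Issue a fresh session id on privilege change (session fixation defence).
        session_regenerate_id(true);
        // Store the username as the database spells it.
        $_SESSION['username'] = $dbUsername;
        if ($dbRole === 'admin') {
            $_SESSION['t'] = "Вы вошли под админом ";
            header('Location: admin.php');
        } else {
            header('Location: index.html');
        }
        // Stop here: the redirect is sent only for an authenticated, non-banned
        // user, and nothing else must be emitted after it.
        exit;
    }
}

if (isset($_SESSION['username'])) {
    $username = $_SESSION['username'];
    // Usernames are user-supplied data; escape them before writing into HTML.
    echo "Hello," . htmlspecialchars((string) $username, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "";
    echo "<a href='logout.php' class='btn btn-lg btn-primary'>Выйти</a>";
}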
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta name="viewport"
content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0">
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css"
integrity="sha384-ggOyR0iXCbMQv3Xipma34MD+dH/1fQ784/j6cY/iJTQUOhcWr7x9JvoRxT2MZw1T" crossorigin="anonymous">
<link rel="stylesheet" href="style.css">
<title>Авторизация</title>
</head>
<body>
<div class="container">
<form class="form-signin" method="POST">
<h2>Авторизация</h2>
<input type="text" name="username" class="form-control" placeholder="Username" required>
<input type="password" name="password" class="form-control" placeholder="Password" required>
<button class="btn btn-lg btn-primary btn-block" type="submit">Авторизоваться</button>
<a href="index.php" class="btn btn-lg btn-primary btn-block">Зарегистрироваться</a>
</form>
</div>
</body>
</html>
<code>
<?php
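session_start();
require('connect.php');

// Status message rendered by the template below; empty means nothing to show.
$fsmsg = "";

// Login handler. Runs only when both fields were posted as non-empty strings.
if (isset($_POST['username'], $_POST['password'])
    && is_string($_POST['username'])
    && is_string($_POST['password'])
    && $_POST['username'] !== ''
    && $_POST['password'] !== ''
) {
    $username = $_POST['username'];
    $password = $_POST['password'];

    // Bound parameter instead of mysqli_real_escape_string(): escaping depends on
    // the connection charset being set correctly, and the escaped text was also
    // being stored in the session as if it were the username.
    $stmt = mysqli_prepare(
        $connection,
        "SELECT username, password, role, ban FROM users WHERE username = ?"
    );
    if ($stmt === false
        || !mysqli_stmt_bind_param($stmt, 's', $username)
        || !mysqli_stmt_execute($stmt)
        || !mysqli_stmt_bind_result($stmt, $dbUsername, $dbPassword, $dbRole, $dbBan)
    ) {
        // Keep database error details in the server log; the visitor only sees
        // the generic failure message.
        error_log('login: user lookup failed: ' . mysqli_error($connection));
        $fsmsg = "Ошибка";
    } else {
        $found = mysqli_stmt_fetch($stmt) === true;
        mysqli_stmt_close($stmt);

        $stored = $found ? (string) $dbPassword : '';
        if (!empty(password_get_info($stored)['algo'])) {
            // Stored value is a password_hash() digest.
            $passwordOk = password_verify($password, $stored);
        } else {
            // NOTE(review): the original compared the column with the submitted
            // password using ==, which implies plaintext storage and lets two
            // different numeric-looking strings compare equal. hash_equals() is an
            // exact, constant-time comparison; registration should still move to
            // password_hash() so the database never holds plaintext passwords.
            $passwordOk = $found && hash_equals($stored, $password);
        }

        if (!$passwordOk) {
            // Same message for an unknown user and a wrong password.
            $fsmsg = "Ошибка";
        } elseif ((string) $dbBan === '1') {
            // Reported only after the password check, so the ban status of an
            // account is not disclosed to someone who merely knows the username.
            $fsmsg = "Пользователь заблокирован";
        } else {
            // Issue a fresh session id on login (session fixation defence).
            session_regenerate_id(true);
            $_SESSION['username'] = $dbUsername;
            $fsmsg = "Вы вошли под пользователем";
            if ($dbRole === "admin") {
                $fsmsg = "Вы вошли под админом";
            }
        }
    }
}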
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta name="viewport"
content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0">
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css"
integrity="sha384-ggOyR0iXCbMQv3Xipma34MD+dH/1fQ784/j6cY/iJTQUOhcWr7x9JvoRxT2MZw1T" crossorigin="anonymous">
<link rel="stylesheet" href="style.css">
<title>Авторизация</title>
</head>
<body>
<div class="container">
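<?php
// Signed-in visitors get a greeting and a logout link; everyone else gets the
// login form. $fsmsg holds only fixed server-side strings, so it is printed as is.
if (isset($_SESSION['username'])) {
    $username = $_SESSION['username'];
    // The username is user-supplied data; escape it for the HTML context so a
    // name containing markup cannot inject script into the page.
    $safeName = htmlspecialchars((string) $username, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    echo("Hello," . $safeName . ".<br>\n");
    if (!empty($fsmsg)) {
        echo("<h2>{$fsmsg}</h2><br>\n");
    }
    echo("<a href='logout.php' class='btn btn-lg btn-primary'>Выйти</a>");
} else {
?>
<form class="form-signin" method="POST">
<?php if (!empty($fsmsg)) { echo("<h2>{$fsmsg}</h2><br>\n"); } ?>
<h2>Авторизация</h2>
<input type="text" name="username" class="form-control" placeholder="Username" required>
<input type="password" name="password" class="form-control" placeholder="Password" required>
<button class="btn btn-lg btn-primary btn-block" type="submit">Авторизоваться</button>
<a href="index.php" class="btn btn-lg btn-primary btn-block">Зарегистрироваться</a>
</form>
<?php
}
?>
</div>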
</body>
</html>