I have page login.php :
<?php
include '../f-connect.php';
if(isset($_POST) && !empty($_POST['login']) && !empty($_POST['password'])){
extract($_POST);
$password = sha1($password);
$sql = "SELECT u.*, r.* FROM users as u INNER JOIN roles AS r ON r.id_roles = u.roles_id WHERE u.login = '$login' AND u.password = '$password' AND r.name = 'provider'";
$req = $db->prepare($sql);
$req->execute();
if($req->rowCount() > 0){
$data = $req->fetch();
$_SESSION['Auth']= array(
'id_user' => $data['id_user'],
'firstname' => $data['firstname'],
'lastname' => $data['lastname'],
'login' => $data['login'],
'password' => $data['password'],
'roles_id' => $data['roles_id'],
'id_roles' => $data['id_roles'],
'name' => $data['name'],
);
$_SESSION['flash']['success'] = "You are now connected";
header("Location:../Provider/profilProvider.php");
}else{
echo '<div class ="alert alert-warning">Login or password incorrect</div>';
}
}elseif(isset($_POST) && !empty($_POST['login']) && !empty($_POST['password'])){
extract($_POST);
$password = sha1($password);
$sql = "SELECT u.*, r.* FROM users as u INNER JOIN roles AS r ON r.id_roles = u.roles_id WHERE u.login = '$login' AND u.password = '$password' AND r.name = 'customer'";
$req = $db->prepare($sql);
$req->execute();
if($req->rowCount() > 0){
$data = $req->fetch();
$_SESSION['Auth']= array(
'id_user' => $data['id_user'],
'firstname' => $data['firstname'],
'lastname' => $data['lastname'],
'login' => $data['login'],
'password' => $data['password'],
'roles_id' => $data['roles_id'],
'id_roles' => $data['id_roles'],
'name' => $data['name'],
);
$_SESSION['flash']['success'] = "You are now connected";
header("Location:../customer/profilCustomer.php");
}else{
echo '<div class ="alert alert-warning">Login or password incorrect</div>';
}
}
?>
And i have two folders that contain:
folder one :
provider :
->profilProvider.php
->listProviders.php
->addProvider.php
->updateProvider.php
folder two :
customer :
->profilCustomer.php
->listCustomers.php
->addCustomer.php
->updateCustomer.php
And i have table users :
- id_user : int
- firstname :varchar(100)
- lastname : varchar(100)
- login : varchar(100)
- password : varchar(100)
- roles_id : int
And table roles :
- id_roles : int
- name : varchar(100) ['provider', 'costumer']
when I would enter the login and password I want to redirect to one of these two folders
for example :
- if the role equal provider I would go to the profilProvider.php page in the provider folder
- if the role equal costumer I would go to the profilCostumer.php page in the costumer folder
But not direct me in associated folders