132 lines
5.8 KiB
PHP
132 lines
5.8 KiB
PHP
<?php
|
|
session_start();
|
|
require_once 'db/config.php';
|
|
|
|
// Handle login form submission
|
|
if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
|
$login_identifier = $_POST['login_identifier'] ?? '';
|
|
$password = $_POST['password'] ?? '';
|
|
$error = '';
|
|
|
|
if (empty($login_identifier) || empty($password)) {
|
|
$error = "Please enter both your identifier and password.";
|
|
} else {
|
|
$pdo = db_connect();
|
|
if ($pdo) {
|
|
// Check if the identifier is a phone number or an ID number
|
|
$sql = "SELECT id, full_name, user_role, password_hash FROM users WHERE phone_number = :identifier OR id_number = :identifier";
|
|
$stmt = $pdo->prepare($sql);
|
|
$stmt->execute(['identifier' => $login_identifier]);
|
|
$user = $stmt->fetch(PDO::FETCH_ASSOC);
|
|
|
|
if ($user && password_verify($password, $user['password_hash'])) {
|
|
// Password is correct, set session variables
|
|
$_SESSION['user_id'] = $user['id'];
|
|
$_SESSION['full_name'] = $user['full_name'];
|
|
$_SESSION['user_role'] = $user['user_role'];
|
|
|
|
// Redirect based on user role
|
|
if ($user['user_role'] === 'admin') {
|
|
header("Location: admin/dashboard.php");
|
|
} else {
|
|
// For other users, redirect to the main page or a user-specific dashboard
|
|
header("Location: index.php");
|
|
}
|
|
exit();
|
|
} else {
|
|
// Invalid credentials
|
|
$error = "Invalid login credentials. Please try again.";
|
|
}
|
|
} else {
|
|
$error = "Database connection failed. Please try again later.";
|
|
}
|
|
}
|
|
|
|
// If there was an error, store it in the session to display it
|
|
if ($error) {
|
|
$_SESSION['message'] = $error;
|
|
$_SESSION['alert_type'] = 'danger';
|
|
header("Location: login.php");
|
|
exit();
|
|
}
|
|
}
|
|
?>
|
|
<!DOCTYPE html>
|
|
<html lang="en">
|
|
<head>
|
|
<meta charset="UTF-8">
|
|
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
|
<title>Login - MyMech</title>
|
|
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css" rel="stylesheet">
|
|
<link href="https://fonts.googleapis.com/css2?family=Poppins:wght@400;600;700&display=swap" rel="stylesheet">
|
|
<link rel="stylesheet" href="assets/css/custom.css?v=<?php echo time(); ?>">
|
|
</head>
|
|
<body>
|
|
<nav class="navbar navbar-expand-lg navbar-dark bg-navy-blue-darker">
|
|
<div class="container">
|
|
<a class="navbar-brand" href="index.php"><span class="golden-text">MyMech</span></a>
|
|
<button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#navbarNav" aria-controls="navbarNav" aria-expanded="false" aria-label="Toggle navigation">
|
|
<span class="navbar-toggler-icon"></span>
|
|
</button>
|
|
<div class="collapse navbar-collapse" id="navbarNav">
|
|
<ul class="navbar-nav ms-auto align-items-center">
|
|
<li class="nav-item mb-2 mb-lg-0 me-lg-2">
|
|
<a class="btn btn-outline-golden px-3" href="login.php">Login</a>
|
|
</li>
|
|
<li class="nav-item">
|
|
<a class="btn btn-golden px-3" href="register.php">Register</a>
|
|
</li>
|
|
</ul>
|
|
</div>
|
|
</div>
|
|
</nav>
|
|
|
|
<main class="container py-5">
|
|
<div class="row justify-content-center">
|
|
<div class="col-lg-6 col-md-8">
|
|
<div class="form-container">
|
|
<h2 class="text-center golden-text mb-4">Login to Your Account</h2>
|
|
|
|
<?php
|
|
// Display messages if any (e.g., from registration or login errors)
|
|
if (isset($_SESSION['message'])) {
|
|
$message = $_SESSION['message'];
|
|
$alert_type = $_SESSION['alert_type'];
|
|
echo "<div class='alert alert-{$alert_type} alert-dismissible fade show' role='alert'>";
|
|
echo htmlspecialchars($message);
|
|
echo '<button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>';
|
|
echo "</div>";
|
|
// Unset the session variables so they don't persist
|
|
unset($_SESSION['message']);
|
|
unset($_SESSION['alert_type']);
|
|
}
|
|
?>
|
|
|
|
<form action="login.php" method="POST">
|
|
<div class="mb-3">
|
|
<label for="login_identifier" class="form-label">Phone Number or National ID</label>
|
|
<input type="text" class="form-control" id="login_identifier" name="login_identifier" required>
|
|
</div>
|
|
<div class="mb-3">
|
|
<label for="password" class="form-label">Password</label>
|
|
<input type="password" class="form-control" id="password" name="password" required>
|
|
</div>
|
|
<div class="d-grid">
|
|
<button type="submit" class="btn btn-golden btn-lg">Login</button>
|
|
</div>
|
|
<p class="text-center mt-4">Don't have an account? <a href="register.php">Register here</a>.</p>
|
|
</form>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
</main>
|
|
|
|
<footer class="footer text-center">
|
|
<div class="container">
|
|
<p>© <?php echo date("Y"); ?> MyMech. All Rights Reserved.</p>
|
|
</div>
|
|
</footer>
|
|
|
|
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js"></script>
|
|
</body>
|
|
</html>
|