-
Notifications
You must be signed in to change notification settings - Fork 33
/
staff_login.php
60 lines (50 loc) · 1.63 KB
/
staff_login.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
<?php
session_start();
if(isset($_SESSION['staff_login']))
header('location:staff_homepage.php');
?>
<!DOCTYPE html>
<html>
<head>
<noscript><meta http-equiv="refresh" content="0;url=no-js.php"></noscript>
<meta charset="UTF-8">
<title>Staff Login - Online Banking</title>
<link rel="stylesheet" href="newcss.css">
</head>
<?php
include 'header.php'; ?>
<div class='content'>
<div class="user_login">
<form action='' method='POST'>
<table align="center">
<tr><td><span class="caption">Staff Login</span></td></tr>
<tr><td colspan="2"><hr></td></tr>
<tr><td>Username:</td></tr>
<tr><td><input type="text" name="uname"></td></tr>
<tr><td>Password:</td></tr>
<tr><td><input type="password" name="pwd"></td></tr>
<tr><td class="button1"><input type="submit" name="submitBtn" value="Log In" class="button"></td></tr>
</table>
</form>
</div>
</div>
<?php include 'footer.php';
?>
<?php
if(isset($_REQUEST['submitBtn'])){
include '_inc/dbconn.php';
$username=$_REQUEST['uname'];
$password=$_REQUEST['pwd'];
$sql="SELECT email,pwd FROM staff WHERE email='$username' AND pwd='$password'";
$result=mysql_query($sql) or die(mysql_error());
$rws= mysql_fetch_array($result);
if($rws[0]==$username && $rws[1]==$password){
session_start();
$_SESSION['staff_login']=1;
$_SESSION['staff_id']=$username;
header('location:staff_homepage.php');
}
else
echo "fail";
}
?>