1#@!#!123s

: / home / u193541357 / domains / racysanitaryware.com / public_html / admin /

Filename : login-check.php

back

<?php
session_start();

include('../db.php');

// Handle login form submission
if ($_SERVER["REQUEST_METHOD"] == "POST") {
    $email = $_POST['email'];
    $password = $_POST['password'];

    // Prevent SQL injection
    $email = $conn->real_escape_string($email);

    // Query to check if the user exists
    $sql = "SELECT * FROM users WHERE email = '$email'";
    $result = $conn->query($sql);

    if ($result->num_rows > 0) {
        $user = $result->fetch_assoc();

        // Verify password
        if ($password === $user['password']) {
            $_SESSION['user'] = $user['email'];
            header("Location: index.php"); // Redirect to your main project page
            exit();
        } else {
            header("Location: login.php?error=Provided Credentials are wrong!");
            exit();
        }
    } else {
        header("Location: login.php?error=Provided Credentials are wrong!");
        exit();
    }
}

$conn->close();