Hej! Czy chciałby mnie nakierować gdzie jest błąd?
zarejestruj.html
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Document</title>
<link rel="stylesheet" href="logowanie.css">
</head>
<body>
<div class="main">
<input type="checkbox" id="chk" aria-hidden="true" />
<div class="singup">
<form method="post" action="rejestracja.php">
<label for="chk" aria-hidden="true">Sign up</label>
<input type="text" name="imie" placeholder="Imie"/>
<input type="password" name="password" placeholder="Password"/>
<input type="email" name="email" placeholder="Email"/>
<button type="submit">Sign up</button>
</form>
</div>
<div class="login">
<form method="post" action="logowanie.php">
<label for="chk" aria-hidden="true">Login</label>
<input type="email" name="email" placeholder="Email" required>
<input type="password" name="password" placeholder="Password"/>
<button>Login</button>
</form>
</div>
</div>
</body>
</html>
logowanie.php
<?php
session_start();
$host = "localhost";
$db_user = "root";
$db_pass = "";
$db_name = "hotel";
$conn = new mysqli($host, $db_user, $db_pass, $db_name) or die("Odpowiedź: Błąd połączenia z serwerem $host");
$password = mysqli_real_escape_string($conn, $_POST["password"]);
$email = mysqli_real_escape_string($conn, $_POST["email"]);
$query_login = mysqli_query($conn, "SELECT * FROM users WHERE email ='$email'");
if (mysqli_num_rows($query_login) > 0) {
$record = mysqli_fetch_assoc($query_login);
$hash = $record["password"];
if (password_verify($password, $hash)) {
$_SESSION["current_user"] = $record['id'];
$_SESSION["user_role"] = $record['role'];
}
}
if (isset($_SESSION["current_user"])) {
if ($_SESSION["user_role"] == "admin") {
header("Location: indexadmin.php");
} else {
header("Location: rezerwuj.php");
}
} else {
/* Użytkownik nie jest zalogowany */
}
exit();
?>
