<?php session_start(); define("HOST_NAME" , "localhost"); define("DB_USER" , "root"); define("DB_PASS" , ""); define("DB_NAME" , "db"); mysql_connect(HOST_NAME,DB_USER,DB_PASS) or die(mysql_error()); mysql_select_db(DB_NAME); $MSG = ''; if (isset($_POST['submit'])) { $u_name = mysql_real_escape_string($_POST['u_name']); $password = mysql_real_escape_string($_POST['password']); if (($u_name == "") || ($password == "")) $MSG = "Please Enter Username/Password"; if ($MSG == "") { $query = "select * from tbl_user where u_name='$u_name' and password = '$password' and u_status = 1 "; $result = mysql_query($query) or die(mysql_error()); if ($row = mysql_fetch_object($result)) { $_SESSION['USER'] = $row->u_name; $_SESSION['role_type'] = $row->role_type; mysql_query("insert into login_log (user,ip) values('" . $_SESSION['USER'] . "','" . $_SERVER['REMOTE_ADDR'] . "')"); if ($_SESSION['role_type'] == 'admin') { header("Location: index.php"); } elseif ($_SESSION['role_type'] == 'employee') { header("Location: employee_index.php"); } elseif ($_SESSION['role_type'] == 'client') { header("Location: client_index.php"); } } else { $MSG = "Invalid username/password :: Try again"; } } } ?> <?php echo $MSG; ?> <form class="form-horizontal m-t-20" action="" method="post"> <div class="form-group"> <div class="col-xs-12"> <input class="form-control input-lg" type="text" required="" placeholder="Username" name="u_name"></div></div> <div class="form-group"><div class="col-xs-12"><input class="form-control input-lg" type="password" required="" placeholder="Password" name="password"></div></div><div class="form-group text-center m-t-40"><div class="col-xs-12"><button class="btn btn-primary btn-lg w-lg waves-effect waves-light" type="submit" name="submit">Log In</button></div> <a href="../index.html">Back to Home</a> </div><div class="form-group m-t-30"></div></form>