<?php

session_start();
ob_start();

include 'database_connection.php';
if (isset($_POST['formsubmitted']) && $_POST['formsubmitted'] == TRUE) 

    $error = array();//this aaray will store all error messages


    if (isset($_POST['email']) && empty($_POST['email']))  //if the email supplied is empty 
    {
        $error[] = 'You forgot to enter  your Email ';
    } 
    else 
    {
        if (preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/", $_POST['email'])) {

            $Email = $_POST['email'];
        } 
        else 
        {
             $error[] = 'Your EMail Address is invalid  ';
        }
    }

    if (isset($_POST['Password']) && empty($_POST['Password'])) 
    {
        $error[] = 'Please Enter Your Password ';
    } 
    else 
    {
        $Password = $_POST['Password'];
    }


    if (empty($error))//if the array is empty , it means no error found
    {
        $check_usrs1 = mysql_query("select * from `users` where `Email` = '".mysql_real_escape_string($Email)."' and `Password` = '".mysql_real_escape_string($Password)."' and `Activation` = '".mysql_real_escape_string('NULL')."' and `role` = '".mysql_real_escape_string('1')."'");

        $check_users2 = mysql_query("select * from `users` where `Email` = '".mysql_real_escape_string($Email)."' and `Password` = '".mysql_real_escape_string($Password)."' and `Activation` = '".mysql_real_escape_string('NULL')."' and `role` = '".mysql_real_escape_string('2')."'");

        $check_users3 = mysql_query("select * from `users` where `Email` = '".mysql_real_escape_string($Email)."' and `Password` = '".mysql_real_escape_string($Password)."' and `Activation` = '".mysql_real_escape_string('NULL')."' and `role` = '".mysql_real_escape_string('3')."'");

        $check_users4 = mysql_query("select * from `users` where `Email` = '".mysql_real_escape_string($Email)."' and `Password` = '".mysql_real_escape_string($Password)."' and `Activation` = '".mysql_real_escape_string('NULL')."' and `role` = '".mysql_real_escape_string('4')."'");

        $check_admin = mysql_query("select * from `users` where `Email` = '".mysql_real_escape_string($Email)."' and `Password` = '".mysql_real_escape_string($Password)."' and `Activation` = '".mysql_real_escape_string('NULL')."' and `role` = '".mysql_real_escape_string('5')."'");
        if(mysql_num_rows($check_users1) == 1)
{
    $_SESSION["Username"] = $Email;
    header("location: admin_page.php");
}

    elseif(mysql_num_rows($check_users2) == 2) 
{
    $_SESSION["Username"] = $Email;
    header("location: users2.php");
}

    else if(mysql_num_rows($check_users3) == 3) 
{
    $_SESSION['Username'] = $Email;
    header("location: users3.php");
}

        else if(mysql_num_rows($check_users4) == 4) 
{
    $_SESSION['Username'] = $Email;
    header("location: users4.php");
}

        else if(mysql_num_rows($check_users5) == 5) 
{
    $_SESSION['Username'] = $Email;
    header("location: users5.php");
}

        else


        {
            $msg_error= 'Your Account is inactive or Email address /Password is Incorrect';
        }

    }  
    else 
    {
        echo '<div class="errormsgbox"> <ol>';
        foreach ($error as $key => $values) 
        {
            echo '  <li>'.$values.'</li>';
        }
        echo '</ol></div>';
    }


    if(isset($msg_error)){

        echo '<div class="warning">'.$msg_error.' </div>';
    }
}
 // End of the main Submit conditional.



?> 
Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.