Spaces:
Sleeping
Sleeping
File size: 13,141 Bytes
102fe5c | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 | <?php
// Include database connection
require_once 'includes/db_connect.php';
// Start session if not already started
if (session_status() === PHP_SESSION_NONE) {
session_start();
}
// Redirect if already logged in
if (isset($_SESSION['user_id'])) {
header("Location: index.php");
exit;
}
// Initialize variables
$error = '';
$username = '';
// Create users table if it doesn't exist
$createUsersTableQuery = "CREATE TABLE IF NOT EXISTS users (
id INT AUTO_INCREMENT PRIMARY KEY,
username VARCHAR(50) NOT NULL UNIQUE,
email VARCHAR(100),
password VARCHAR(255) NOT NULL,
user_type ENUM('student', 'faculty') NOT NULL,
status ENUM('active', 'inactive') DEFAULT 'active',
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
last_login TIMESTAMP NULL DEFAULT NULL
)";
$conn->query($createUsersTableQuery);
// Check if admin user exists
$adminCheckQuery = "SELECT * FROM users WHERE username = 'admin' AND user_type = 'faculty'";
$adminResult = $conn->query($adminCheckQuery);
if ($adminResult && $adminResult->num_rows === 0) {
// Create default admin user
$adminPassword = password_hash('admin', PASSWORD_DEFAULT);
$createAdminQuery = "INSERT INTO users (username, email, password, user_type) VALUES ('admin', 'admin@example.com', '$adminPassword', 'faculty')";
$conn->query($createAdminQuery);
}
// Process login form
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$username = trim($_POST['username']);
$password = $_POST['password'];
$userType = $_POST['user_type'];
// Basic validation
if (empty($username) || empty($password) || empty($userType)) {
$error = "Please enter both username and password and select user type.";
} else {
if ($userType === 'faculty') {
// Faculty login - check against users table
$query = "SELECT * FROM users WHERE username = ? AND user_type = 'faculty' AND status = 'active'";
$stmt = $conn->prepare($query);
$stmt->bind_param("s", $username);
$stmt->execute();
$result = $stmt->get_result();
if ($result->num_rows === 1) {
$user = $result->fetch_assoc();
// Verify password
if (password_verify($password, $user['password'])) {
// Set session variables
$_SESSION['user_id'] = $user['id'];
$_SESSION['username'] = $user['username'];
$_SESSION['user_type'] = 'faculty';
// Update last login time
$updateQuery = "UPDATE users SET last_login = NOW() WHERE id = ?";
$updateStmt = $conn->prepare($updateQuery);
$updateStmt->bind_param("i", $user['id']);
$updateStmt->execute();
// Redirect to home page
header("Location: index.php");
exit;
} else {
$error = "Invalid username or password.";
}
} else {
$error = "Invalid username or password.";
}
} else {
// Student login - check against students_info table
$studentCheckQuery = "SHOW TABLES LIKE 'students_info'";
$tableExists = $conn->query($studentCheckQuery)->num_rows > 0;
if ($tableExists) {
// Get student data structure
$columnsQuery = "SHOW COLUMNS FROM students_info";
$columnsResult = $conn->query($columnsQuery);
$studentIdField = null;
// Find student ID field (assuming it's either 'student_id', 'Student_ID', or similar)
while ($column = $columnsResult->fetch_assoc()) {
if (preg_match('/(student|stud|roll)[\s_-]?(id|number|no)/i', $column['Field'])) {
$studentIdField = $column['Field'];
break;
}
}
if ($studentIdField) {
$query = "SELECT * FROM students_info WHERE $studentIdField = ?";
$stmt = $conn->prepare($query);
$stmt->bind_param("s", $username);
$stmt->execute();
$result = $stmt->get_result();
if ($result->num_rows === 1) {
$student = $result->fetch_assoc();
// For students, password should be same as student ID for simplicity
if ($password === $username) {
// Create or update user record for this student
$userCheckQuery = "SELECT * FROM users WHERE username = ? AND user_type = 'student'";
$userCheckStmt = $conn->prepare($userCheckQuery);
$userCheckStmt->bind_param("s", $username);
$userCheckStmt->execute();
$userResult = $userCheckStmt->get_result();
if ($userResult->num_rows === 0) {
// Create new user record
$hashedPassword = password_hash($password, PASSWORD_DEFAULT);
$createUserQuery = "INSERT INTO users (username, password, user_type) VALUES (?, ?, 'student')";
$createUserStmt = $conn->prepare($createUserQuery);
$createUserStmt->bind_param("ss", $username, $hashedPassword);
$createUserStmt->execute();
$userId = $conn->insert_id;
} else {
$user = $userResult->fetch_assoc();
$userId = $user['id'];
}
// Set session variables
$_SESSION['user_id'] = $userId;
$_SESSION['username'] = $username;
$_SESSION['user_type'] = 'student';
$_SESSION['student_id'] = $student[$studentIdField];
// Update last login time
$updateQuery = "UPDATE users SET last_login = NOW() WHERE id = ?";
$updateStmt = $conn->prepare($updateQuery);
$updateStmt->bind_param("i", $userId);
$updateStmt->execute();
// Redirect to home page
header("Location: index.php");
exit;
} else {
$error = "Invalid password. Students should use their student ID as password.";
}
} else {
$error = "Student ID not found in our records.";
}
} else {
$error = "Student ID field not found in database structure.";
}
} else {
$error = "Student information table not found.";
}
}
}
}
// Check for success message
$success = '';
if (isset($_SESSION['success_message'])) {
$success = $_SESSION['success_message'];
unset($_SESSION['success_message']);
}
// Include header
include 'includes/header.php';
?>
<div class="row mb-4 text-center">
<div class="col-md-12">
<h2><i class="fas fa-sign-in-alt me-2"></i> Login to Domain Management System</h2>
<p class="lead">Access the project database with your credentials</p>
</div>
</div>
<div class="row">
<div class="col-md-6 offset-md-3">
<div class="card shadow-sm">
<div class="card-header bg-primary text-white">
<h4 class="mb-0"><i class="fas fa-sign-in-alt me-2"></i> Login</h4>
</div>
<div class="card-body">
<?php if (!empty($error)): ?>
<div class="alert alert-danger">
<i class="fas fa-exclamation-circle me-2"></i> <?php echo $error; ?>
</div>
<?php endif; ?>
<?php if (!empty($success)): ?>
<div class="alert alert-success">
<i class="fas fa-check-circle me-2"></i> <?php echo $success; ?>
</div>
<?php endif; ?>
<form method="post" action="login.php">
<div class="mb-3">
<label for="user_type" class="form-label">Login As</label>
<div class="input-group">
<span class="input-group-text"><i class="fas fa-users"></i></span>
<select name="user_type" id="user_type" class="form-select" required>
<option value="">Select User Type</option>
<option value="student">Student</option>
<option value="faculty">Faculty</option>
</select>
</div>
</div>
<div class="mb-3">
<label for="username" class="form-label" id="username_label">Username</label>
<div class="input-group">
<span class="input-group-text"><i class="fas fa-user"></i></span>
<input type="text" class="form-control" id="username" name="username" value="<?php echo htmlspecialchars($username); ?>" required>
</div>
<small class="form-text text-muted student-info d-none">Enter your Student ID</small>
<small class="form-text text-muted faculty-info d-none">Faculty username (admin)</small>
</div>
<div class="mb-4">
<label for="password" class="form-label">Password</label>
<div class="input-group">
<span class="input-group-text"><i class="fas fa-lock"></i></span>
<input type="password" class="form-control" id="password" name="password" required>
<button class="btn btn-outline-secondary toggle-password" type="button" data-target="#password">
<i class="fas fa-eye"></i>
</button>
</div>
<small class="form-text text-muted student-info d-none">Use your Student ID as password</small>
<small class="form-text text-muted faculty-info d-none">Default faculty password is 'admin'</small>
</div>
<div class="d-grid gap-2">
<button type="submit" class="btn btn-primary">
<i class="fas fa-sign-in-alt me-2"></i> Login
</button>
</div>
</form>
</div>
</div>
</div>
</div>
<script>
document.addEventListener('DOMContentLoaded', function() {
// Show/hide helper text based on user type selection
const userTypeSelect = document.getElementById('user_type');
const studentInfoElements = document.querySelectorAll('.student-info');
const facultyInfoElements = document.querySelectorAll('.faculty-info');
const usernameLabel = document.getElementById('username_label');
userTypeSelect.addEventListener('change', function() {
// Hide all helper texts first
studentInfoElements.forEach(el => el.classList.add('d-none'));
facultyInfoElements.forEach(el => el.classList.add('d-none'));
// Show appropriate helper text based on selection
if (this.value === 'student') {
studentInfoElements.forEach(el => el.classList.remove('d-none'));
usernameLabel.textContent = 'Student ID';
} else if (this.value === 'faculty') {
facultyInfoElements.forEach(el => el.classList.remove('d-none'));
usernameLabel.textContent = 'Username';
} else {
usernameLabel.textContent = 'Username';
}
});
});
</script>
<?php
// Include footer
include 'includes/footer.php';
// Close connection
$conn->close();
?> |