<?php
// Include database connection
require_once 'includes/db_connect.php';
// A session must be active before $_SESSION is read or written below.
if (PHP_SESSION_NONE === session_status()) {
    session_start();
}

// Visitors who already carry an authenticated session skip the form entirely.
if (isset($_SESSION['user_id'])) {
    header("Location: index.php");
    exit();
}

// Defaults for the values the template prints: the last submitted username
// (re-shown in the form) and the error banner text.
$username = '';
$error = '';
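// Create users table if it doesn't exist.
// NOTE(review): this DDL and the admin check below run on every request to
// the login page, so the web application's database account needs CREATE
// privileges at runtime. Moving both into a one-off install/migration step
// would let that account run with fewer privileges.
$createUsersTableQuery = "CREATE TABLE IF NOT EXISTS users (
id INT AUTO_INCREMENT PRIMARY KEY,
username VARCHAR(50) NOT NULL UNIQUE,
email VARCHAR(100),
password VARCHAR(255) NOT NULL,
user_type ENUM('student', 'faculty') NOT NULL,
status ENUM('active', 'inactive') DEFAULT 'active',
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
last_login TIMESTAMP NULL DEFAULT NULL
)";
$conn->query($createUsersTableQuery);

// Check if admin user exists
$adminCheckQuery = "SELECT * FROM users WHERE username = 'admin' AND user_type = 'faculty'";
$adminResult = $conn->query($adminCheckQuery);

if ($adminResult && $adminResult->num_rows === 0) {
    // SECURITY: this seeds a faculty account with the well-known credentials
    // admin / admin whenever no faculty row named 'admin' exists. Because the
    // check runs on every page load, renaming or deleting that account brings
    // the default credentials back on the next request. Provision the first
    // faculty account out of band with a unique secret (or force a password
    // change on first login) and remove this bootstrap before deployment.
    $adminPassword = password_hash('admin', PASSWORD_DEFAULT);

    // Bind the hash as a parameter instead of interpolating it into the SQL
    // text, matching how the login queries in this file are written.
    $createAdminQuery = "INSERT INTO users (username, email, password, user_type) VALUES ('admin', 'admin@example.com', ?, 'faculty')";
    $createAdminStmt = $conn->prepare($createAdminQuery);
    if ($createAdminStmt) {
        $createAdminStmt->bind_param("s", $adminPassword);
        $createAdminStmt->execute();
        $createAdminStmt->close();
    }
}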
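// Process login form.
//
// Faculty are checked against the users table with password_verify().
// Students are looked up in students_info by an ID column discovered at
// runtime; on success a matching users row is created if it is missing.
// Either path ends with a redirect to index.php; on failure $error is set
// and the form is rendered again.
//
// NOTE(review): no attempt limiting or lockout is visible in this file, and
// the form carries no CSRF token; confirm both are handled elsewhere.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Read each field defensively: a missing key or an array-valued field
    // (e.g. username[]=x) must not raise a warning or a TypeError in trim().
    $username = (isset($_POST['username']) && is_string($_POST['username'])) ? trim($_POST['username']) : '';
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
    $userType = (isset($_POST['user_type']) && is_string($_POST['user_type'])) ? $_POST['user_type'] : '';

    // Basic validation. Compare against '' rather than empty() so the value
    // "0" is not mistaken for a missing field, and accept only the two known
    // user types instead of treating every non-faculty value as a student.
    if ($username === '' || $password === '' || !in_array($userType, ['student', 'faculty'], true)) {
        $error = "Please enter both username and password and select user type.";
    } elseif ($userType === 'faculty') {
        // Faculty login - check against users table
        $query = "SELECT * FROM users WHERE username = ? AND user_type = 'faculty' AND status = 'active'";
        $stmt = $conn->prepare($query);
        $stmt->bind_param("s", $username);
        $stmt->execute();
        $result = $stmt->get_result();

        $user = ($result->num_rows === 1) ? $result->fetch_assoc() : null;

        if ($user !== null && password_verify($password, $user['password'])) {
            // Issue a fresh session ID at the privilege change so an ID that
            // was fixed before login cannot be reused afterwards.
            session_regenerate_id(true);

            // Set session variables
            $_SESSION['user_id'] = $user['id'];
            $_SESSION['username'] = $user['username'];
            $_SESSION['user_type'] = 'faculty';

            // Update last login time
            $updateQuery = "UPDATE users SET last_login = NOW() WHERE id = ?";
            $updateStmt = $conn->prepare($updateQuery);
            $updateStmt->bind_param("i", $user['id']);
            $updateStmt->execute();

            // Redirect to home page
            header("Location: index.php");
            exit;
        }

        // One message for "no such account" and "wrong password".
        $error = "Invalid username or password.";
    } else {
        // Student login - check against students_info table
        $studentCheckQuery = "SHOW TABLES LIKE 'students_info'";
        $tableCheckResult = $conn->query($studentCheckQuery);
        // query() can return false; treat that like a missing table instead
        // of dereferencing it.
        $tableExists = $tableCheckResult && $tableCheckResult->num_rows > 0;

        if (!$tableExists) {
            $error = "Student information table not found.";
        } else {
            // Find the student ID column by name (e.g. 'student_id',
            // 'Student_ID', 'roll no'); the first match wins.
            $columnsQuery = "SHOW COLUMNS FROM students_info";
            $columnsResult = $conn->query($columnsQuery);
            $studentIdField = null;
            while ($columnsResult && ($column = $columnsResult->fetch_assoc())) {
                if (preg_match('/(student|stud|roll)[\s_-]?(id|number|no)/i', $column['Field'])) {
                    $studentIdField = $column['Field'];
                    break;
                }
            }

            if ($studentIdField === null) {
                $error = "Student ID field not found in database structure.";
            } else {
                // The pattern above also matches names containing a space or
                // a hyphen, which are only valid SQL when quoted. The column
                // name cannot be a bound parameter, so quote it as an
                // identifier and double any embedded backtick.
                $quotedIdField = '`' . str_replace('`', '``', $studentIdField) . '`';
                $query = "SELECT * FROM students_info WHERE $quotedIdField = ?";
                $stmt = $conn->prepare($query);
                $stmt->bind_param("s", $username);
                $stmt->execute();
                $result = $stmt->get_result();

                $student = ($result->num_rows === 1) ? $result->fetch_assoc() : null;

                // SECURITY: a student is authenticated when the submitted
                // password equals the submitted student ID, so knowing an ID
                // is enough to sign in as that student. The hash stored in
                // users.password on first login is never checked afterwards.
                // The scheme is kept unchanged here because replacing it
                // needs an enrolment/reset flow this file does not have.
                if ($student !== null && $password === $username) {
                    // Create or update user record for this student
                    $userCheckQuery = "SELECT * FROM users WHERE username = ? AND user_type = 'student'";
                    $userCheckStmt = $conn->prepare($userCheckQuery);
                    $userCheckStmt->bind_param("s", $username);
                    $userCheckStmt->execute();
                    $userResult = $userCheckStmt->get_result();

                    if ($userResult->num_rows === 0) {
                        // Create new user record
                        $hashedPassword = password_hash($password, PASSWORD_DEFAULT);
                        $createUserQuery = "INSERT INTO users (username, password, user_type) VALUES (?, ?, 'student')";
                        $createUserStmt = $conn->prepare($createUserQuery);
                        $createUserStmt->bind_param("ss", $username, $hashedPassword);
                        $createUserStmt->execute();
                        $userId = $conn->insert_id;
                    } else {
                        $user = $userResult->fetch_assoc();
                        $userId = $user['id'];
                    }

                    // Fresh session ID on login, as in the faculty branch.
                    session_regenerate_id(true);

                    // Set session variables
                    $_SESSION['user_id'] = $userId;
                    $_SESSION['username'] = $username;
                    $_SESSION['user_type'] = 'student';
                    $_SESSION['student_id'] = $student[$studentIdField];

                    // Update last login time
                    $updateQuery = "UPDATE users SET last_login = NOW() WHERE id = ?";
                    $updateStmt = $conn->prepare($updateQuery);
                    $updateStmt->bind_param("i", $userId);
                    $updateStmt->execute();

                    // Redirect to home page
                    header("Location: index.php");
                    exit;
                } else {
                    // Same text for an unknown ID and a wrong password, so
                    // the response does not confirm which IDs exist.
                    $error = "Invalid student ID or password.";
                }
            }
        }
    }
}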
// One-shot success notice: read it from the session for display, then drop it
// so it is not shown again on the next request.
$success = isset($_SESSION['success_message']) ? $_SESSION['success_message'] : '';
if (isset($_SESSION['success_message'])) {
    unset($_SESSION['success_message']);
}
// Include header
include 'includes/header.php';
?>
<div class="row mb-4 text-center">
<div class="col-md-12">
<h2><i class="fas fa-sign-in-alt me-2"></i> Login to Domain Management System</h2>
<p class="lead">Access the project database with your credentials</p>
</div>
</div>
<div class="row">
<div class="col-md-6 offset-md-3">
<div class="card shadow-sm">
<div class="card-header bg-primary text-white">
<h4 class="mb-0"><i class="fas fa-sign-in-alt me-2"></i> Login</h4>
</div>
<div class="card-body">
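<?php
/*
 * Both banners are escaped for the HTML context. $error is assigned from
 * fixed strings in the login handler, but $success is copied from
 * $_SESSION['success_message'], which is written outside this file and may
 * carry user-supplied text.
 * NOTE(review): if another page deliberately stores markup in that message,
 * it will now be shown literally; confirm against the pages that set it.
 */
?>
<?php if (!empty($error)): ?>
    <div class="alert alert-danger">
        <i class="fas fa-exclamation-circle me-2"></i> <?php echo htmlspecialchars($error, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>
    </div>
<?php endif; ?>
<?php if (!empty($success)): ?>
    <div class="alert alert-success">
        <i class="fas fa-check-circle me-2"></i> <?php echo htmlspecialchars($success, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>
    </div>
<?php endif; ?>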
<form method="post" action="login.php">
<div class="mb-3">
<label for="user_type" class="form-label">Login As</label>
<div class="input-group">
<span class="input-group-text"><i class="fas fa-users"></i></span>
<select name="user_type" id="user_type" class="form-select" required>
<option value="">Select User Type</option>
<option value="student">Student</option>
<option value="faculty">Faculty</option>
</select>
</div>
</div>
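<?php
/*
 * SECURITY: this page is served to unauthenticated visitors, so the helper
 * texts must not reveal credentials. The faculty hints stay generic instead
 * of naming the seeded default account and its password.
 * NOTE(review): the student hint still states that the password is the
 * student ID, because that is how the login handler authenticates students;
 * it should go once that scheme is replaced.
 */
?>
<div class="mb-3">
    <label for="username" class="form-label" id="username_label">Username</label>
    <div class="input-group">
        <span class="input-group-text"><i class="fas fa-user"></i></span>
        <input type="text" class="form-control" id="username" name="username" value="<?php echo htmlspecialchars($username, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>" required>
    </div>
    <small class="form-text text-muted student-info d-none">Enter your Student ID</small>
    <small class="form-text text-muted faculty-info d-none">Enter your faculty username</small>
</div>
<div class="mb-4">
    <label for="password" class="form-label">Password</label>
    <div class="input-group">
        <span class="input-group-text"><i class="fas fa-lock"></i></span>
        <input type="password" class="form-control" id="password" name="password" required>
        <button class="btn btn-outline-secondary toggle-password" type="button" data-target="#password">
            <i class="fas fa-eye"></i>
        </button>
    </div>
    <small class="form-text text-muted student-info d-none">Use your Student ID as password</small>
    <small class="form-text text-muted faculty-info d-none">Enter your faculty password</small>
</div>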
<div class="d-grid gap-2">
<button type="submit" class="btn btn-primary">
<i class="fas fa-sign-in-alt me-2"></i> Login
</button>
</div>
</form>
</div>
</div>
</div>
</div>
<script>
// Once the DOM is ready, keep the helper texts and the username label in sync
// with the "Login As" selection. This is presentation only; the server-side
// handler decides which login path is taken.
document.addEventListener('DOMContentLoaded', () => {
    const typeSelect = document.getElementById('user_type');
    const nameLabel = document.getElementById('username_label');
    const studentHints = document.querySelectorAll('.student-info');
    const facultyHints = document.querySelectorAll('.faculty-info');

    const hide = (el) => el.classList.add('d-none');
    const show = (el) => el.classList.remove('d-none');

    typeSelect.addEventListener('change', () => {
        const isStudent = typeSelect.value === 'student';
        const isFaculty = typeSelect.value === 'faculty';

        // Start from a clean slate, then reveal only the matching hints.
        studentHints.forEach(hide);
        facultyHints.forEach(hide);

        if (isStudent) {
            studentHints.forEach(show);
        } else if (isFaculty) {
            facultyHints.forEach(show);
        }

        // Only the student choice relabels the field; every other value,
        // including the empty placeholder option, shows "Username".
        nameLabel.textContent = isStudent ? 'Student ID' : 'Username';
    });
});
</script>
<?php
// Render the shared page footer.
include 'includes/footer.php';

// The page is fully rendered, so the database handle opened by
// includes/db_connect.php can be released.
$conn->close();
?>