Please help I am a beginner. Thanks
Code: Select all
<?php
session_start();
session_regenerate_id();
if($_SESSION['account_id'] == '')
{
header('location: registration.php');
exit;
}
?>
<html>
<body>
<table border="1">
<?php
//include database connection
$con=mysqli_connect("localhost","","","");//database connection
$query = "select account_id, goalName, goal_id, gdescription, progress from goal where account_id =".$_SESSION['account_id'];
//execute the query
$result= mysqli_query($con,$query);
while($row = mysqli_fetch_assoc($result)){
?>
<tr>
<td><?php echo $row['goalName'] ; ?></td>
<td><?php echo $row['gdescription'] ; ?></td>
<td><?php echo $row['progress'] ; ?></td>
<td><a href="deletegoal.php<?php echo '?goal_id='.$row['goal_id']; ?>">delete</a></td>
<td><a href="editGoal.php<?php echo '?goal_id='.$row['goal_id']; ?>">Edit</a></td>
<?php
}
?>
</tr>
</table>
</fieldset>
</body>
</html>Code: Select all
<?php
session_start();
$con=mysqli_connect("localhost","","","") or die();
if(isset($_POST['submit']))
{
$username = trim($_POST['username']);
$password = trim($_POST['password']);
$permission = trim($_POST['permission']);
$query ="SELECT * FROM useraccount WHERE username='$_POST[username]'and password='$_POST[password]' and permission='$_POST[permission]'";
$result= mysqli_query($con,$query) or die(mysqli_error());
//$num_row = mysqli_num_rows($result);
while($row = mysqli_fetch_array($result)){
if($_SESSION['account_id']=$row['username'] && $_POST['password']=="$password" && $_POST['permission']=="Student")
{
header("Location:studentAccount.php");
exit;
}
else if($_SESSION['account_id']=$row['username']&& $_POST['password']=="$password" && $_POST['permission']=="Staff")
{
header("Location:staffAccount.php");
exit;
}
else
{
echo "You got credentials wrong";
}
}
}
?>