The admin page should be accessed by entering the ‘admin’ NIC and password. The patient sites for other NICs should be accessible with their password.
Here is the patient(user) table:
| id | NIC | Password | Name | Phone | Address |
|---|---|---|---|---|---|
| 1 | admin | 1234 | Ben | 0118675456 | Colombo |
| 2 | 00236584V | abcd1 | Ann | 0114253963 | Dehiwela |
I used NIC as primary key in the table
here is my PHP code .
<?php
session_start();
$NIC="";
$password = "";
$error = "";
if($_SERVER['REQUEST_METHOD']=='POST')
{
$NIC = $_POST['nic'];
$password = $_POST['password'];
if(empty($NIC)||empty($password))
{
$error = "Email and Password are required !";
}
else
{
include "database.php";
$dbConnection = getDatabaseConnection();
$statement = $dbConnection->prepare("SELECT id, NIC, Password, Name, Phone, Address FROM user WHERE NIC = ?");
$statement->bind_param('s',$NIC);
$statement->execute();
$statement->bind_result($id, $nic, $stored_password, $Name, $Phone, $Address);
if($statement->fetch())
{
if(password_verify($password,$stored_password))
{
if(strtolower($NIC)==="admin")
{
$_SESSION["admin_id"] = $id;
$_SESSION["admin_username"] = $nic;
header("location: admin-dashboard.php");
exit;
}
else
{
$_SESSION["id"]=$id;
$_SESSION["nic"]=$nic;
$_SESSION["Name"]=$Name;
$_SESSION["Password"]=$password;
$_SESSION["Phone"]=$Phone;
$_SESSION["Address"]=$Address;
header("location: patient-profile.php");
exit;
}
}
else
{
$error="Email or Password invalid";
}
}
else
{
$error="Email or Password invalid";
}
$statement->close();
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Login / Signup - Wintan Hospital</title>
<link rel="stylesheet" href="styles.css">
</head>
<body>
<header>
<img src="IMG/Logo.jpg" width="100px" height="100px" alt=""/><br>
<h1>Wintan Hospital </h1>
</header>
<main>
<section class="auth-section">
<div class="login-form">
<h2>Login</h2>
<form action="patient-login.php" method="post">
<strong><?= htmlspecialchars($error) ?></strong>
<label for="username">Username/NIC:</label>
<input type="text" id="nic" name="nic" value="<?= htmlspecialchars($NIC) ?>">
<label for="password">Password:</label>
<input type="password" id="password" name="password">
<button type="submit">Login</button>
<a href="forgot-password.html">Forgot Password?</a>
</form>
</div>
</section>
</main>
<footer>
<p>© 2024 Wintan Hospital. All rights reserved.</p>
</footer>
</body>
</html>