I'm trying to create an admin panel. Ba table of the bank already created the field type, where if it is 1 is normal user and 2 administrator. What is the best method to find the type of user in the bank?
Follow the code that I have already done, but any type of user has access to the admin panel.
<body>
<div class ="container">
<div class="row"></div>
<div class="row">
<div class="col-md-4">
</div>
<div class="col-md-5">
<form action="painel.php" method="POST" >
<div class="input-group">
<label for="email">E:mail</label>
<input type="text" class="form-control" name="email" placeholder="email"><br><br>
<label for="Senha">Senha:</label>
<input type="password" class="form-control" name="senha" placeholder="**********"><br><br><br>
<button type="submit" class="btn btn-lg btn-default">Entrar</button><p><p><p><p>
<input type= "hidden" name="entrar" value="login">
</div>
</form>
</div>
</div>
<div class="row"></div>
</div>
<?php
if (isset($_POST['entrar']) && $_POST['entrar'] == "login"){
$email = $_POST['email'];
$senha = $_POST['senha'];
if(empty($email) || empty($senha)){
?>
<script type="text/javascript"> alert ('preencha todos os campos');
</script>
<?php
}else{
$query = "SELECT nome, email, senha, tipo FROM usuarios WHERE email = '$email' AND senha = '$senha' ";
$result = mysqli_query($conn, $query);
$busca = mysqli_num_rows($result);
$linha = mysqli_fetch_assoc($result);
while($percorrer = mysql_fetch_array($result) ){
$tipo = $percorrer['tipo'];
if($tipo == 2){
$_SESSION['nome'] = $linha['nome'];
$_SESSION['email'] = $linha['email'];
header('location: painel.php');
}
}
}
}
?>
</body>
</html>
</html>
EDIT: in case the user type 2 (administrator) is being redirected to login too, I am passing the TYPE right?
$query = "SELECT nome, email, senha, tipo FROM usuarios WHERE email = '$email' AND senha = '$senha' ";
$result = mysqli_query($conn, $query);
$busca = mysqli_num_rows($result);
$linha = mysqli_fetch_assoc($result);
if($busca > 0){
$_SESSION['nome'] = $linha['nome'];
$_SESSION['email'] = $linha['email'];
header('location: painel.php');