<?php if (isset($_POST["login-submit"])) { require "connection.php"; $uid=$_POST["userID"]; $pswd=$_POST["pass"]; $sql = "Select * From staff_login AS s1 Inner Join medical_staff AS s2 ON s1.s_ssn = s2.SSN WHERE s1.s_ssn='$uid' AND s1.division='TBC'"; $sql1 = "Select * From doctor_login AS d1 Inner Join doctor AS d2 ON d1.d_ssn = d2.SSN WHERE d1.d_ssn='$uid' AND d1.division='TBC'"; if(empty($uid) || empty($pswd)){ header("Location:tbc.login.php?error=emptyfields"); exit(); }else{ $result = mysqli_query($conn,$sql); if ($row = mysqli_fetch_assoc($result)) { if($pswd == $row["pass"]){ session_start(); $_SESSION["userID"] = $row["s_ssn"]; $_SESSION["uc"]="9"; $_SESSION["naranlogin"]=$row["F_Name"]. " ".$row["L_Name"] ;; header("Location:admin/admin/home.php"); exit(); } }else if ($pswd !== $row["pass"]) { $result1 = mysqli_query($conn,$sql1); if ($row1 = mysqli_fetch_assoc($result1)) { if($pswd !== $row1["pass"]){ header("Location:tbc.login.php?error=wrongpass"); exit(); }else if ($pswd == $row1["pass"]) { session_start(); $_SESSION["userID"] = $row1["d_ssn"]; $_SESSION["uc"]="9"; $_SESSION["naranlogin"]=$row1["F_Name"]. " ".$row1["L_Name"] ; header("Location:admin/admin/home.php"); exit(); } }else{ header("Location:tbc.login.php?error=wrongpass"); exit(); } } header("Location:tbc.login.php?error=nouser"); exit(); } } ?> SIMPAN PERUBAHAN