I made a login page which is meant to give me access to user.php or admin.php depending on email and password. I have a database (phpmyadmin) with 2 users. I added a boolean field "type" (0 meaning regular user and 1 meaning admin).
Here's my php code :
<?php
session_start();
$mysqli = new mysqli("localhost", "root", "", "database");
if ($mysqli->connect_errno) {
echo "Echec lors de la connexion à MySQL : (".$mysqli->connect_errno.") ".$mysqli->connect_error;
}
if (isset($_POST['submit'])) {
$email = $_POST['email'];
$password = $_POST['password'];
if ($email == "" || $password == "") {
echo '<div id ="errormsg">Please fill in all fields</div>';
} else {
$query = mysqli_query(
$mysqli,
"SELECT * FROM client WHERE email = '$email' and password = '$password' and type = 1 "
) or die ("Can't query the database");
$count = mysqli_num_rows($query);
if ($count == 1) {
if ($type == 1) {
$_SESSION['email'] = $email;
header("location: admin.php");
} else {
if ($type == 0) {
$_SESSION['email'] = $email;
header("location: user.php");
} else {
echo '<div id="errormsg">No matches, try again</div>';
}
}
}
}
}
When I type an admin's email and password I'll be redirected to user.php instead of admin.php. When I type a normal user's email and password nothing happens , the same page (login.php) refreshes