diff --git a/admin/config/constants.php b/admin/config/constants.php
index 26fb1bb..0fff81e 100644
--- a/admin/config/constants.php
+++ b/admin/config/constants.php
@@ -1,5 +1,6 @@
Manage Posts
-
+
@@ -50,6 +50,7 @@ include "partials/header.php";
Manage Categories
+
diff --git a/admin/manage-categories.php b/admin/manage-categories.php
index 0671ece..2b349da 100644
--- a/admin/manage-categories.php
+++ b/admin/manage-categories.php
@@ -20,10 +20,11 @@ include "partials/header.php";
- Manage Posts
+
+ Manage Posts
-
+
@@ -49,6 +50,7 @@ include "partials/header.php";
Manage Categories
+
diff --git a/admin/manage-users.php b/admin/manage-users.php
index 1226e4b..73f736e 100644
--- a/admin/manage-users.php
+++ b/admin/manage-users.php
@@ -20,10 +20,11 @@ include "partials/header.php";
- Manage Posts
+
+ Manage Posts
-
+
@@ -49,6 +50,8 @@ include "partials/header.php";
Manage Categories
+
+
diff --git a/admin/partials/header.php b/admin/partials/header.php
index 8504fce..e6c34b7 100644
--- a/admin/partials/header.php
+++ b/admin/partials/header.php
@@ -1,48 +1,10 @@
-
-
-
-
-
-
- php & mysql blog app with admin panel
-
-
-
-
-
-
-
-
-
-
-
-
diff --git a/config/constants.php b/config/constants.php
index e2713fd..7517bcf 100644
--- a/config/constants.php
+++ b/config/constants.php
@@ -1,5 +1,6 @@
\ No newline at end of file
diff --git a/partials/header.php b/partials/header.php
index 2ff7bb6..431465b 100644
--- a/partials/header.php
+++ b/partials/header.php
@@ -1,6 +1,12 @@
@@ -28,16 +34,20 @@ require 'config/database.php';
About
Services
Contact
- SignIn
-
+
+
+ SignIn
+
diff --git a/signin-logic.php b/signin-logic.php
index b2b5293..161cdf1 100644
--- a/signin-logic.php
+++ b/signin-logic.php
@@ -4,17 +4,22 @@ require "config/database.php";
session_start();
if(isset($_POST['submit'])){
+ // getting input
$username_email = filter_var($_POST['username_email'] , FILTER_SANITIZE_FULL_SPECIAL_CHARS);
$password = filter_var(($_POST['password']), FILTER_SANITIZE_FULL_SPECIAL_CHARS);
+
if(!$username_email){
$_SESSION['signin'] = 'Username or Email is Inccorrect';
+
}
elseif(!$password){
$_SESSION['signin'] = 'Password required';
+
}else{
// fetch user from database
$fetch_user_query = "SELECT * FROM users WHERE username = '$username_email' OR email = '$username_email'";
$fetch_user_result = mysqli_query($connection, $fetch_user_query);
+
if(mysqli_num_rows($fetch_user_result) == 1){
//convert the record into assoc array
$user_record=mysqli_fetch_assoc($fetch_user_result);
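Review bot: The `$fetch_user_query` line still interpolates `$username_email` straight into the SQL string, and this commit only adds blank lines and a comment around it. The only filtering upstream is `FILTER_SANITIZE_FULL_SPECIAL_CHARS`, which is HTML entity encoding rather than SQL escaping and does not neutralise every character that is significant inside a SQL string literal, so the login query remains open to SQL injection. Bind the value through a prepared statement instead, as in the fence below. Separately, the same filter rewrites characters such as `&` or `"` in `$password` before `password_verify`, which only matches if signup applied the identical filter before hashing (not visible here); the raw password is what should reach the hash functions. The `else` branch continues past the end of this hunk.

```php
// fetch user from database
$fetch_user_query = "SELECT * FROM users WHERE username = ? OR email = ?";
$fetch_user_stmt = mysqli_prepare($connection, $fetch_user_query);
mysqli_stmt_bind_param($fetch_user_stmt, 'ss', $username_email, $username_email);
mysqli_stmt_execute($fetch_user_stmt);
$fetch_user_result = mysqli_stmt_get_result($fetch_user_stmt);
// … unchanged: mysqli_num_rows() check and mysqli_fetch_assoc() …
```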
@@ -22,12 +27,14 @@ if(isset($_POST['submit'])){
// compare form password with database password
if(password_verify($password,$db_password)){
+
// set session for access control
$_SESSION['user-id'] = $user_record['id'];
//set session if user is admin
if($user_record['is_admin']==1){
$_SESSION['user_is_admin'] == true;
+
}
//log in user
header('location: ' . ROOT_URL . 'admin/');
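Review bot: `$_SESSION['user_is_admin'] == true;` inside the `is_admin` branch is a comparison whose result is discarded, so the admin flag is never written to the session; it should be `$_SESSION['user_is_admin'] = true;`. Any page that gates on this key will never see it set, and the admin pages may in practice be relying on `user-id` alone for access control (their checks are not visible here). It is also worth calling `session_regenerate_id(true);` right after `password_verify` succeeds so a pre-login session id is not carried into the authenticated session, and following the `header('location: ' . ROOT_URL . 'admin/');` call with `die();` if the lines after this hunk do not already stop execution. The enclosing `if` blocks start and end outside this hunk.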
diff --git a/signin.php b/signin.php
index c0021e8..c9f0d65 100644
--- a/signin.php
+++ b/signin.php
@@ -1,5 +1,4 @@