<? session_start();
include("includes.ini.php");
$email = $_POST['email'];
$password = sha1(md5($_POST['pw']));
$query = "SELECT * FROM users WHERE email = '$email' AND pw = '$password'";
connectDB();
$result = mysqli_query($_SESSION['db'],$query);
closeDB();
if(mysqli_num_rows($result)<1){
echo "No users found";
}else{
//User found
$row = mysqli_fetch_assoc($result);
//echo "User found";
//echo "Welcome " . $row['fname'];
$_SESSION['auth'] = true;
$_SESSION['id'] = $row['id'];
$_SESSION['p'] = $row['priv'];
header("Location:" . $_SERVER["HTTP_REFERER"]);
}
?>