Mini Kabibi Habibi

Current Path : C:/xampp/htdocs/cid/system/
Upload File :
Current File : C:/xampp/htdocs/cid/system/login_process.php

<?php
@include 'include/config.php';
session_start();
if (isset($_POST['submit'])){
  $_SESSION['login_user'] =$_POST['username'];
  
  $EMP_NUM =mysqli_real_escape_string($conn,$_POST['username']);
 
  $GLEVEL = $_POST['level'];
  $PASSWORD = md5($_POST['password']);


  $select ="SELECT *FROM users where EMP_NUM = '$EMP_NUM' && PASSWORD = '$PASSWORD'";
  $result =mysqli_query($conn, $select);
  if (mysqli_num_rows($result) > 0) {
   
    $row = mysqli_fetch_array($result);

    if ($row['ROLE'] == 'HR') {
     $_SESSION['username_school'] = $row['EMP_NUM'];
header('location:school_admin/home.php');

    }elseif ($row['ROLE'] == 'EVELUATOR') {
   $_SESSION['username_eval1'] =$row['EMP_NUM'];
     header('location:EVALUATOR/index.php');
  }elseif ($row['ROLE'] == 'EVELUATOR_SDO') {
   $_SESSION['username_eval2'] =$row['EMP_NUM'];
     header('location:school_admin/home.php');
 
  }
}else{
  $error[] = 'incorrect email or password';
}
};
?>