<?php
include('config.php');
// require './includes/sanitizer.php';
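/**
 * Legacy sanitiser chain: SQL-escape -> encode quotes / strip tags -> HTML-encode -> trim.
 *
 * The output shape is kept as-is because other pages in the project may rely
 * on it. Two caveats a caller should know:
 *  - The value is transformed for the SQL *and* the HTML context at once, so it
 *    no longer equals the original string: input containing & ' " < > or a
 *    backslash will not round-trip. Do not use the result as a lookup key in a
 *    prepared statement and expect an exact match; bind_param() already makes
 *    the SQL escaping unnecessary.
 *  - Prefer escaping per output context (htmlspecialchars() at render time,
 *    parameter binding for SQL) over a one-size-fits-all sanitiser.
 *
 * @param mixed $val  value to sanitise; null (e.g. a missing session key) is treated as ''
 * @return string
 */
function sanitizeInput($val) {
    // Reuse the connection config.php opened at the top of this file instead of
    // re-including it on every call (which reopened the database connection each
    // time and would fatal if config.php declared a function or constant). The
    // include is kept only as a fallback when no connection is in scope.
    global $conn;
    if (!($conn instanceof mysqli)) {
        include('config.php');
    }
    // Explicit cast: passing null to mysqli_real_escape_string() is deprecated on PHP 8.1+.
    $input = (string) $val;
    $escaped = mysqli_real_escape_string($conn, $input);
    // FILTER_SANITIZE_STRING is deprecated since PHP 8.1; this is its default
    // behaviour spelled out: encode both quote characters, then strip tags
    // (strip_tags() also drops NUL bytes).
    $quotesEncoded = str_replace(["'", '"'], ['&#39;', '&#34;'], $escaped);
    $stripped = strip_tags($quotesEncoded);
    // Second strip_tags() retained from the original chain so the output is unchanged.
    $stripped = strip_tags($stripped);
    $encoded = htmlspecialchars($stripped);
    return trim($encoded, " ");
}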
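// Admin gate, included at the top of admin-only pages.
// Side effects for the including page: sets $user_check, $login_session,
// $login_username and $login_user_id, and redirects (with exit) unless the
// session belongs to an active admin account.
session_start();

// Check for a login marker *before* touching it: reading the key first (as the
// original did) raised an undefined-index warning and cost a database query
// whose only possible outcome was this same redirect.
if (!isset($_SESSION['login_user'])) {
    header("Location: login.php");
    die();
}

// Tear the session down completely and redirect. session_destroy() alone leaves
// $_SESSION populated for the rest of this request and the id cookie on the
// client; and the original only redirected *if* session_destroy() succeeded,
// so a failed destroy let an inactive account keep rendering the page.
$terminateSession = function ($location) {
    $_SESSION = [];
    if (ini_get('session.use_cookies')) {
        $p = session_get_cookie_params();
        setcookie(session_name(), '', time() - 42000, $p['path'], $p['domain'], $p['secure'], $p['httponly']);
    }
    session_destroy();
    header("Location: " . $location);
    die();
};

// NOTE(review): the session value is SQL-escaped and HTML-encoded before being
// bound. With bind_param() the escaping is redundant, and the HTML encoding
// means an e-mail containing & ' or " can only match if login stored it
// encoded as well — confirm against the login script before changing this.
$user_check = sanitizeInput($_SESSION['login_user']);

try {
    $sql = "select id, email, name, status, role from users where email = ?";
    $stmt = $conn->prepare($sql);
    // Without MYSQLI_REPORT_STRICT, prepare() returns false instead of throwing
    // and the following ->bind_param() would be an uncaught fatal Error.
    if ($stmt === false) {
        throw new RuntimeException('prepare failed: ' . $conn->error);
    }
    $stmt->bind_param("s", $user_check);
    $stmt->execute();
    // get_result() needs the mysqlnd driver (same requirement as the original).
    $result = $stmt->get_result();
    $row = $result->fetch_assoc();
    $stmt->close();
} catch (Exception $e) {
    // !empty() keeps the original truthiness test and also tolerates config.php
    // not defining $debug_mode at all.
    if (!empty($debug_mode)) {
        // The stringified exception includes a stack trace with file paths and
        // the driver's error text: $debug_mode must be off in production.
        die('debug: ' . $e);
    }
    echo 'error';
    die();
}

// No matching row (account deleted or e-mail changed after login): the session
// is stale, so drop it rather than leave it lying around.
if (!$row) {
    $terminateSession("login.php");
}

$login_session = $row['email'];
$login_username = $row['name'];
$login_user_id = $row['id'];

// status is compared against the literal string 'true', as the original did.
$isActive = ($row['status'] === 'true');

if ($row['role'] === "admin") {
    if (!$isActive) {
        $terminateSession("success.php?p=not_active");
    }
    // Active admin: fall through and let the including page render.
} elseif ($row['role'] === "user") {
    if (!$isActive) {
        $terminateSession("success.php?p=not_active");
    }
    // Active non-admin: this gate is admin-only; send them to their own area.
    header("Location: dashboard.php");
    die();
} else {
    // Unknown role value: treat as not logged in.
    header("Location: login.php");
    die();
}
// No closing ?> tag: trailing whitespace after it would be sent as output and
// break header() calls in the including page.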