Script.php: allow people to log in when they give a valid student number.

Script.php

@@ -144,10 +144,10 @@ if (!empty($_POST["frm_login"])) {
   $user=mysqli_real_escape_string($con,$_POST["user"]);
   $password=mysqli_real_escape_string($con,$_POST["password"]);
   // $hashed_password=hash('sha512', $password); Not necessary in the login
- $result = mysqli_query($con, "SELECT * FROM users_table WHERE (Email='$user')");
+ $result = mysqli_query($con, "SELECT * FROM users_table WHERE (Student_ID='$user') OR (Email='$user')");
 if(mysqli_num_rows($result)==0)
  {
-     $_SESSION["info_login"]="Inavlid login Information.";
+     $_SESSION["info_login"]="Inavlid login information.";
   
 echo $_SESSION["info_login"];
 
@@ -833,14 +833,11 @@ if(strlen($_FILES['attachment1']['name']) > 2 ) {
     if (trim($group_id) === '') { // when $group_id is an empty string or contains only whitespace characters.
          $group_id = 0; // FIXME
     }
-
     $sql="INSERT INTO `lab_report_submissions`(`Submission_Date`, `Lab_Report_ID`, `Student_id`,"
             . " `Course_Group_id`, `Attachment1`, `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Status`, `Title`,`Remarking_Reason`)"
             . " VALUES ('$date',$lab_id,$student_id,$group_id,'$targetfile','$instructions','$targetfile2','$targetfile3','$targetfile4',"
             . "'Pending','$title','')";
 
-   
- 
 if ($con->query($sql) === TRUE) {
     if($_SESSION['Sub_Type']=='Individual')
   // {