if (isset($_POST['submit'])) {
if (empty($_POST['login'])) {
$error[] = 'NO_LOGIN';
} else {
$login = htmlspecialchars($_POST['login']);
}
if (empty($_POST['password'])) {
$error[] = 'NO_PASSWORD';
} else {
$password = md5($_POST['password']);
}
if (empty($error)) {
$user = DB::getAll("SELECT * FROM `user` WHERE `login` = ? AND `password` = ? LIMIT 1", array($login, $password))->fetch();
if ($user) {
$hash = setAutologin($user['id']);
$upd = DB::update("UPDATE `user` SET `hash` = ? WHERE `id` = ?", array($hash, $user['id']));
setcookie('login', $login, 0, '/');
setcookie('hash', $hash, 0, '/');
header("Location: /cabinet/");
die;
} else {
$error[] = "Вы ошиблись при заполнении полей!";
}
}
}
if (!empty($error)) {
foreach ($error as $err) {
echo Controller::getMess($err) . '<br>';
}
}
Controller::getTemplate();
