function actionLogin()
{
$error = '';
if (User::auth()) {
header('Location: /user/');
} else {
if (!isset($_POST['email'])) {
$this->render('login');
} else {
$email = trim($_POST['email']);
$pass = trim($_POST['password']);
if (!empty($pass) && !empty($email)) {
$user = new User();
$res = $user->user_login($email, $pass);
if ($res === 'OK') {
header('Location: /user/');
} else {
$error = $res;
$this->render('login', array('error' => $error));
}
} else {
$error = 'Все поля необходимы для заполнения!';
$this->render('login', array('error' => $error));
}
}
}
}
/**
* Select User from its username or password
*
* @param User $user
* @return array the selected row in the db
*/
public function selectOne($user, $where_filter_id = "", $filter_as_string = false)
{
if ($user->user_login() !== "") {
//Check if the user is giving his username and that there is a value
$sql = 'SELECT * FROM user where `user_login` = :user_login AND `user_password` = :user_password LIMIT 0, 1;';
} else {
return NULL;
}
$sth = $this->dao->prepare($sql);
$sth->bindValue(':user_login', $user->user_login(), \PDO::PARAM_STR);
$sth->bindValue(':user_password', $user->user_password(), \PDO::PARAM_STR);
$sth->execute();
$sth->setFetchMode(\PDO::FETCH_CLASS | \PDO::FETCH_PROPS_LATE, '\\Applications\\PMTool\\Models\\Dao\\User');
$user_out = $sth->fetchAll();
$sth->closeCursor();
return $user_out;
}
/**
* Function for user to login
*/
function user_login()
{
if (isset($_REQUEST['username']) & isset($_REQUEST['password'])) {
include_once '../models/user_class.php';
$obj = new User();
$username = $_REQUEST['username'];
$password = $_REQUEST['password'];
$row = $obj->user_login($username, $password);
if (!$row) {
echo '{"result":0, "message":"Failed to login"}';
} else {
// echo json_encode ( $row );
session_start();
$user_type = $row['user_type'];
if ($user_type == 'admin') {
echo '{"result":1, "username":"******"}';
$_SESSION['user_type'] = $user_type;
$_SESSION['user_id'] = $row['user_id'];
// header("Location: home.php");
// exit ( );
} else {
if ($user_type == 'regular') {
echo '{"result":1, "username":"******"}';
$_SESSION['user_type'] = $user_type;
$_SESSION['user_id'] = $row['user_id'];
$_SESSION['path'] = $row['path'];
$_SESSION['username'] = $row['username'];
// header("Location: home.php");
// exit ( );
}
}
}
}
}
<?php
include_once "function/common_function.php";
$error_msg = '';
$error_set = '';
if (isset($_POST['email'])) {
$email = mysql_real_escape_string($_POST['email']);
$password = mysql_real_escape_string($_POST['password']);
include_once 'function/user_class.php';
$obj_user = new User();
$check_user = $obj_user->user_login($email, $password);
if (!$check_user) {
$error_set = 1;
$error_msg = "Email or Password detail incorrect";
} else {
header("location:index.php");
}
}
?>
<!DOCTYPE html>
<!--[if lt IE 7 ]><html class="ie ie6" lang="en"> <![endif]-->
<!--[if IE 7 ]><html class="ie ie7" lang="en"> <![endif]-->
<!--[if IE 8 ]><html class="ie ie8" lang="en"> <![endif]-->
<!--[if (gte IE 9)|!(IE)]><!--><html lang="en"> <!--<![endif]-->
<head>
<?php
$page_title = 'SchoolzAndMore: User login page';
require_once 'blocks/head.php';
?>
</head>
<body>
<label for="username">Inlognaam</label>
<input type="text" name="username" class="form-control" id="username" placeholder="Voer inlognaam in">
</div>
<div class="form-group">
<label for="password">Password</label>
<input type="password" name="password" class="form-control" id="password" placeholder="Voer wachtwoord aan ">
</div>
<div class="form-group">
<a href="register.php">Heb je nog geen account? Registreer je dan hier! </a>
</div>
<button type="submit" class="btn btn-default custombutton" name="submit">Submit</button>
</form>
<?php
if (isset($_POST["submit"])) {
$get_user = $user->get_single_user($_POST['username']);
$login = $user->user_login($_POST['username'], $get_user['salt'], $_POST['password']);
if ($login > 0) {
$_SESSION["user_login"] = 1;
$_SESSION['username'] = $_POST["username"];
echo '<script>location.href="."</script>';
} elseif (empty($_POST['username']) || empty($_POST['password'])) {
echo 'Zorg dat alle velden zijn ingevuld.';
} else {
echo 'Gebruikersnaam of wachtwoord fout.';
}
}
?>
</div>
</div>
</div>
</body>
<div class="form-group">
<label for="password">Wachtwoord</label>
<input type="password" class="form-control" id="password" name="password" placeholder="Voer wachtwoord in" required>
</div>
<div class="form-group">
<a href="register.php">Klik hier om aan te melden</a>
</div>
<div class="form-group">
<input type="submit" class="btn btn-default" name='submit' value='Login'>
</div>
</form>
<?php
if (isset($_POST['submit'])) {
$user = new User();
$get_user = $user->get_user($_POST['name']);
if ($user->user_login($_POST['name'], $get_user['salt'], $_POST['password']) > 0) {
$_SESSION['login'] = 1;
$_SESSION['user'] = $_POST['name'];
header('location: login/');
} elseif ($user->user_login($get_user['email'], $get_user['salt'], $_POST['password']) == 0) {
echo '<div class="alert alert-danger" role="alert"><b>Oh Oh! </b>Sorry pall, wrong username or password :(</div>';
}
}
?>
<!-- End login form -->
</div>
</div>
</body>
<!-- Jquery CDN -->
<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js"></script>
<!-- Latest compiled and minified JavaScript -->
