Example #1
<?php

require_once "../../inc/initialize.php";
require_once "../../inc/vendor/autoload.php";
use Carbon\Carbon;
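// Current time as a Carbon instance.
$date_now = new Carbon('now');

// Submitted credentials. A missing field or a non-string value (for example an
// array posted as `staff_number[]`) is replaced by an empty string, so
// htmlspecialchars() is never handed null or an array and the request fails
// the lookup below instead of raising a warning or a TypeError.
//
// SECURITY(review): htmlspecialchars() is HTML *output* encoding. With
// ENT_QUOTES it rewrites both quote characters, but it is not SQL escaping and
// does not neutralise every character that is significant inside a SQL string
// literal. It is kept here only because stored values were presumably written
// through the same transformation - confirm before removing it.
$staff_number = htmlspecialchars(
    isset($_POST['staff_number']) && is_string($_POST['staff_number']) ? $_POST['staff_number'] : '',
    ENT_QUOTES
);
$password = htmlspecialchars(
    isset($_POST['password']) && is_string($_POST['password']) ? $_POST['password'] : '',
    ENT_QUOTES
);

// SECURITY(review): sha1() is a fast, unsalted digest and is not suitable for
// password storage. password_hash() / password_verify() are the appropriate
// primitives. Note that the digest is taken over the HTML-encoded password, so
// changing either step invalidates every stored credential; a migration
// (verify against the old digest, then re-hash on successful login) is needed
// rather than an in-place swap.
$epassword = sha1($password);

// Build the greeting message (greeting() is defined outside this listing).
$display_greeting = greeting();

// Look up an admin account matching the staff number and password digest.
//
// SECURITY(review): the statement is assembled by string concatenation from
// request data. It should be sent as a prepared statement with bound
// parameters, or at minimum through the database layer's own escaping routine.
// find_by_sql() only accepts a finished SQL string and the database API is not
// visible in this listing, so the call is left unchanged and flagged here.
// Comparing the digest inside the WHERE clause also rules out a salted,
// per-user hash; fetching the row by staff number and verifying the password
// in PHP is the shape a migration would need.
$sql = "SELECT * FROM `admin_users` WHERE `admin_users`.`staff_number`='" . $staff_number . "' AND `admin_users`.`password`= '" . $epassword . "' LIMIT 1";
$users = AdminUsers::find_by_sql($sql);

// First matching row; array_shift() yields null when the result list is empty
// (assumes find_by_sql() returns an array - verify against its definition).
$user = array_shift($users);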
if (empty($user)) {
    # Your don't have an account yet or email and password combination wrong
    # Delay for few seconds for the loader
    doSleep();
    $msg = '<h4 class="alert alert-danger">Oopsy - something went wrong.</h4>';
    $msg .= '<hr>';
    $msg .= 'Your information does not exist in our database it may be due to the following reasons.';
    $msg .= '<ol>';
    $msg .= '<li>Your Staff Number and Password Combination is Wrong.</li>';
    $msg .= '<li>You do not have an account.</li>';
    $msg .= '</ol>';
    echo output_message($msg);
} else {
    // store applicant_id in session
    $session->admin_login($user->id);