public function log_data() { $result = true; $name = $_POST['username']; $pass = $_POST['password']; $con = mysqli_connect("localhost", "MaxMelnyk", "781227maks") or die("Something wrong..."); mysqli_select_db($con, "tour_firm") or die(mysql_error()); mysqli_query($con, 'SET NAMES utf8'); if (!Model_login::validate($name, $pass)) { return false; } $query = "SELECT * FROM users WHERE username = \"" . $name . "\" and password = \"" . md5(md5($pass)) . "\";"; $res = mysqli_query($con, $query) or die(mysql_error()); if ($res->num_rows == 1) { $row = mysqli_fetch_array($res); session_start(); $_SESSION['username'] = $row['username']; $_SESSION['name'] = $row['name']; $_SESSION['email'] = $row['email']; $_SESSION['access'] = $row['access']; $_SESSION['phone'] = $row['phone']; return true; } else { return false; } }