function login() { $this->_logout(); $email = $this->input->post('login_email'); $password = $this->input->post('login_password'); $user = FALSE; if (!($email === FALSE || $password === FALSE)) { $user = get_user_by_credentials($email, $password); } if (!$user) { $errmsg = 'Sorry, unrecognized e-mail or incorrect password.'; $this->load->view('header'); $this->load->view('index', array('login_error' => $errmsg)); $this->load->view('footer'); } else { log_event(LOG_USER_LOGIN, $user->id); $this->session->set_userdata('userid', $user->id); // TODO: Pick up where user left off, not on page 1 redirect('welcome/dispatch'); } }
<?php // ERROR CODES // 403 session_start(); require_once 'common.inc'; session_unset(); $email = $_POST['email']; $password = $_POST['password']; $user = get_user_by_credentials($email, $password); if (!$user) { header('HTTP/1.0 403 Incorrect credentials'); echo 'Incorrect username or password'; exit; } $_SESSION['userid'] = $user->id; redirect('page1.html');