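/**
 * Check a username/password pair against the sp_login stored procedure.
 *
 * Both values still pass through toSafeString() so that sp_login receives
 * exactly the same strings as before. That helper performs HTML entity
 * encoding, which is not SQL escaping (for example, it leaves backslashes
 * untouched), so the values are sent as bound parameters instead of being
 * interpolated into the CALL statement.
 *
 * NOTE(review): the password is handed to sp_login as submitted (after entity
 * encoding). How it is hashed and compared happens inside the procedure and is
 * not visible here; confirm it verifies against a salted password hash.
 *
 * @param string $username Login name as submitted by the client.
 * @param string $password Password as submitted by the client.
 * @return bool True when sp_login returns at least one row, false otherwise.
 */
public function checkLogin($username, $password)
{
    $username = toSafeString($username);
    $password = toSafeString($password);

    $mysqli = connectToDB();

    // Placeholders keep the credentials out of the SQL text entirely, so no
    // character in either value can change the shape of the statement.
    $stmt = $mysqli->prepare("CALL sp_login(?, ?)");
    if ($stmt === false
        || !$stmt->bind_param('ss', $username, $password)
        || !$stmt->execute()
    ) {
        // Same fail-stop behaviour and message as before on a database error.
        die("SELECT query login error");
    }

    // Buffer the procedure's result set so its row count can be read before
    // the statement and connection are released.
    $stmt->store_result();
    $matched = $stmt->num_rows > 0;

    $stmt->close();
    $mysqli->close();

    return $matched;
}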
<?php

require_once "../core/core.php";
// Page message, empty by default; the login handler below assigns it in its
// failed-login branch. Presumably rendered further down the page (not visible here).
$msg = '';
/**
 * HTML-entity-encode a value and strip surrounding whitespace.
 *
 * Every character with a named HTML entity is converted, including both single
 * and double quotes (ENT_QUOTES), and the result is then trimmed.
 *
 * Security note: despite the name, this is output encoding for an HTML context
 * only. It is not SQL escaping (backslashes, for instance, pass through
 * unchanged), so it must not be relied on to make a value safe inside a query
 * string; use bound parameters for that. It also rewrites the value itself, so
 * what is stored or compared is the encoded form rather than the raw input.
 *
 * @param string $string Raw input value.
 * @return string Entity-encoded, trimmed value.
 */
function toSafeString($string)
{
    return trim(htmlentities($string, ENT_QUOTES, "utf-8"));
}
if (isset($_POST['submit'])) {
    $mobile = toSafeString($_POST['mobile']);
    $password = toSafeString($_POST['password']);
    $password_hash = sha1($password);
    $admins_fetch_rows = DatabaseHandler::GetRow("SELECT * FROM admins WHERE mobile='{$mobile}' AND password='******' LIMIT 1;");
    if ($admins_fetch_rows) {
        $_SESSION['MM_admin_first_name'] = $admins_fetch_rows['first_name'];
        $_SESSION['MM_admin_last_name'] = $admins_fetch_rows['last_name'];
        $_SESSION['MM_admin_id'] = $admins_fetch_rows['id'];
        $_SESSION['MM_admin_mobile'] = $admins_fetch_rows['mobile'];
        $roles_id = $admins_fetch_rows['roles_id'];
        $roles_result = DatabaseHandler::GetAll("SELECT\n\t\t\t\t\t\t\t\t\t rolespermissions.id\n\t\t\t\t\t\t\t\t\t,rolespermissions.roles_id\n\t\t\t\t\t\t\t\t\t,rolespermissions.permissions_id\n\t\t\t\t\t\t\t\t\t,permissions.ENtitle\n\t\t\t\t\t\t\t\t\t,permissions.id\n\t\t\t\t\t\t\t\t\t,permissions.title\n\t\t\t\t\t\t\t\t\t\tFROM rolespermissions\n\t\t\t\t\t\t\t\t\t\t\tINNER JOIN permissions\n\t\t\t\t\t\t\t\t\t\t\t\tON rolespermissions.permissions_id = permissions.id\n\t\t\t\t\t\t\t\t\t\t\t\t\tWHERE rolespermissions.roles_id = '{$roles_id}' ; ");
        $check = array();
        foreach ($roles_result as $roles_row) {
            $permissions_name = $roles_row['ENtitle'];
            array_push($check, $permissions_name);
            $_SESSION['permissions'] = $check;
        }
        header("Location: index.php");
    } else {
        $msg = '