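/**
 * Check the submitted email/password pair and, on a match, populate the
 * user's session.
 *
 * Reads $this->email and $this->password. On a credential mismatch (or a
 * database failure) the login view is re-rendered with the error list.
 * Missing fields only produce a false return, as in the original, where the
 * loginView() call for that path was commented out.
 *
 * @return bool true when exactly one user row matched and the session was
 *              written; false in every other case.
 */
function processLogin()
{
    $mysqli = db::dbConn();

    # Collected validation / authentication messages.
    $errors = array();

    # Validate the email address:
    if (empty($this->email)) {
        $errors[] = 'You forgot to enter your email address.';
    }

    # Validate the password:
    if (empty($this->password)) {
        $errors[] = 'You forgot to enter your password.';
    }

    if (!empty($errors)) {
        # Make the documented "return false" explicit instead of falling off
        # the end of the function with null.
        return false;
    }

    # Escaped copy kept for the session and for getUserRole(): that helper is
    # not visible here and may build its own SQL from the value it receives.
    $em = $mysqli->real_escape_string($this->email);

    # bind_param() takes its arguments by reference, so use locals.
    $email = $this->email;
    $password = $this->password;

    # Bound parameters keep user input out of the SQL text entirely, instead
    # of relying on escaping plus string interpolation.
    #
    # NOTE(review): the password literal in the published listing is masked
    # ('******'). Binding the submitted password assumes the original compared
    # the column against it - confirm.
    # NOTE(review): this compares against the Password column as stored, so it
    # only works while passwords are kept unhashed. The original TODO mentions
    # sha1; password_hash()/password_verify() is the appropriate replacement
    # and needs a column migration outside this block.
    $stmt = $mysqli->prepare('SELECT UserID FROM users WHERE email = ? AND Password = ?');

    # With mysqli in exception mode these calls throw instead of returning
    # false; the checks cover the warning/silent modes.
    if ($stmt === false || !$stmt->bind_param('ss', $email, $password) || !$stmt->execute()) {
        if ($stmt !== false) {
            $stmt->close();
        }
        error_log('processLogin: login query failed');
        $errors[] = 'We could not sign you in right now. Please try again later.';
        view::loginView($errors);
        return false;
    }

    # Buffer the result so num_rows is available without mysqlnd's get_result().
    $stmt->store_result();
    $stmt->bind_result($userId);
    $matched = ($stmt->num_rows === 1);
    if ($matched) {
        $stmt->fetch();
    }
    $stmt->close();

    if (!$matched) {
        $errors[] = 'The email address and password entered do not match those on file.';
        view::loginView($errors);
        return false;
    }

    # Open the user's private session.
    session_start();
    # Issue a fresh id at the moment privileges change, so an id that was
    # planted in the browser before login cannot be reused (session fixation).
    session_regenerate_id(true);
    $private_id = session_id();
    $_SESSION['email'] = $em;
    $_SESSION['role'] = self::getUserRole($em);
    # Cast keeps the string form the unprepared query used to return.
    $_SESSION['UserID'] = (string) $userId;
    session_write_close();

    # Switch to the shared "Global" context.
    # NOTE(review): a session with a fixed, well-known id can be read and
    # written by any client that presents that id; nothing user-specific or
    # trusted should be stored in it.
    session_name('Global');
    session_id('TEST');
    session_start();

    # Log a short digest rather than the raw session id: the id itself is a
    # bearer credential and must not end up in log files.
    $sessionTag = substr(hash('sha256', $private_id), 0, 12);
    error_log("Session " . $sessionTag . " started at " . date('Y-m-d') . "\n");

    return true;
}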
<?php
# Entry script: load the controller, then decide between the login screen,
# login processing and the signed-in survey page.
#
# NOTE(review): no session_start() is visible in this script; unless the
# required controller file starts one, $_SESSION['email'] is never populated
# here - confirm.
require_once 'C:\\devel\\web\\php\\control\\MainController.php';

# Neither a stored login nor a submitted form: show the login screen.
if (!(isset($_SESSION['email']) || isset($_POST['email']))) {
    $login = new view();
    $login->loginView();
}

# Evaluated again after the login view has run, exactly as before.
if (isset($_POST['email'])) {
    # A login form was posted: hand it to the controller.
    $checkLogin = new MainController();
    $checkLogin->startLogin();
} elseif (isset($_SESSION['email'])) {
    # Already signed in: load the index and show a new survey.
    require 'C:\\devel\\web\\php\\index.php';
    # NOTE(review): debug output left in the response.
    echo 'session isset!!';
    $signedIn = new surveyView();
    $signedIn->newSurvey();
}