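/**
 * Handle a JSON login request.
 *
 * Reads "email" and "password" from $_POST, looks the user up through
 * DAOuser::getByEmailAndPassword() and echoes a JSON object with the keys
 * "op", "msg" and "error_code" ("0" on success, "1" on failure). On success
 * the object also carries "uid", and a session row valid for one hour is
 * stored through DAOsession::save().
 *
 * @return void
 */
function handleLogin()
{
    //showLog("handleLogin");
    $ret = array('op' => 'login', 'msg' => 'Login Successful', 'error_code' => '0');

    // A missing or non-string field (e.g. email[]=x) is an ordinary failed
    // login: it never reaches the DAO, and the reply is the same generic
    // message, so the response does not reveal which field was wrong.
    $email = isset($_POST['email']) ? $_POST['email'] : null;
    $password = isset($_POST['password']) ? $_POST['password'] : null;

    $user = null;
    if (is_string($email) && is_string($password)) {
        // NOTE(review): the raw POST values go straight to the DAO; confirm
        // getByEmailAndPassword() uses a parameterized query and compares
        // against a password hash rather than a stored plaintext value.
        $dao = new DAOuser();
        $user = $dao->getByEmailAndPassword($email, $password);
    }

    // Loose comparison kept on purpose: the DAO's "not found" value is not
    // visible here, and a strict null check would accept false as a user.
    if ($user == null) {
        $ret['error_code'] = '1';
        $ret['msg'] = 'Invalid username or password';
    } else {
        $ret['uid'] = $user->uid;

        // Take one clock reading so start and end are exactly an hour apart.
        $now = time();
        $start_time = date('Y-m-d H:i:s', $now);
        $end_time = date('Y-m-d H:i:s', $now + 3600);

        $session_dao = new DAOsession();
        $session_vo = new session($ret['uid'], $start_time, $end_time);
        $session_dao->save($session_vo);
        // NOTE(review): the session code is not returned, so the client only
        // learns the uid; confirm no caller treats a bare uid as proof of login.
        //$ret["session_code"] = $session_vo->session_code;
    }

    echo json_encode($ret);
}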
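<?php
/**
 * Form login endpoint.
 *
 * Reads "username" and "password" from $_POST, looks the user up through
 * DAOuser::getByEmailAndPassword() and redirects: to company.php when a
 * session already holds a uid, to index.php?ec=1 on a failed login, and to
 * dashboard.php after storing the uid in the session on success.
 */
session_start();
include "admin/class.user.dao.php";
include_once 'db.php';

// Already logged in: redirect to the main page. header() only queues the
// redirect, so exit is needed to stop the login code below from running.
if (isset($_SESSION['uid'])) {
    header("Location: company.php");
    exit;
}

// A missing or non-string field (e.g. username[]=x) is a failed login.
$rawEmail = isset($_POST['username']) ? $_POST['username'] : null;
$rawPassword = isset($_POST['password']) ? $_POST['password'] : null;
if (!is_string($rawEmail) || !is_string($rawPassword)) {
    header("Location: index.php?ec=1");
    exit;
}

// NOTE(review): mysql_real_escape_string() belongs to the mysql extension,
// which was removed in PHP 7.0. It is kept here because the DAO's query is
// not visible from this file; the durable fix is a parameterized query inside
// DAOuser, after which both calls can go. Escaping the password also changes
// its bytes before the DAO compares or hashes it - confirm that is intended.
$email = mysql_real_escape_string($rawEmail);
$password = mysql_real_escape_string($rawPassword);

$dao = new DAOuser();
$user = $dao->getByEmailAndPassword($email, $password);

// Loose comparison kept on purpose: the DAO's "not found" value is not
// visible here, and a strict null check would accept false as a user.
if ($user == null) {
    // login failed
    //echo "<script>alert('Login Failed !!!!');</script>";
    header("Location: index.php?ec=1");
    exit;
}

// login OK: issue a fresh session id before storing the uid, so an id that
// was set before authentication cannot be reused (session fixation).
session_regenerate_id(true);
$_SESSION["uid"] = $user->uid;
header("Location: dashboard.php");
exit;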