public function login() { if (isset($_POST['username']) && isset($_POST['password'])) { $username = $_POST['username']; $password = $_POST['password']; $cleaner = new \Framework\Common(); $username = $cleaner->normalize($username, 'xss|string'); $password = $cleaner->normalize($password, 'xss|string'); $userDb = new \Models\User(); $user = $userDb->getUser($username)[0]; if (!$user || $user['password'] != $password) { header('Location: /php_project/application/public/'); } $_SESSION['userId'] = $user['user_id']; $_SESSION['username'] = $user['username']; $_SESSION[$user['type']] = true; if ($user['type'] == 'admin') { header('Location: /php_project/application/public/admin/index'); } else { if ($user['type'] == 'editor') { header('Location: /php_project/application/public/editor/index'); } else { header('Location: /php_project/application/public/user/index'); } } } $this->view->appendToLayout('body', 'login'); $this->view->display('layouts.default'); }