<?php
/**
* Login System
*
* Allows a user to access there account
*
* @author Gareth Stones <*****@*****.**>
* @copyright 5th December 2007
*/
$continue = true;
if (methodCheck(FILE) == true) {
$clean = array();
foreach ($_POST as $key => $value) {
if (in_array($key, $allow[FILE]) == false || ($clean[$key] = new SecureData($value)) == false || $clean[$key]->isValid == false) {
unset($clean);
require_once DIR_COMPONENT . FILE . '/error.php';
break 2;
}
}
$query = null;
$query = vprintf('CALL login_user ("%s", "%s")', $clean);
unset($clean);
$result = null;
try {
$result = $mysql->query($query);
unset($query);
if ($result->num_rows == 1 && ($row = $result->fetch_assoc()) == true && $row['success'] == 1) {
$continue = false;
require_once DIR_COMPONENT . FILE . '/success.php';
}
$url = (defined('_HTTP_PROTOCOL_') ? _HTTP_PROTOCOL_ : 'http://') . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
$domain = (defined('_HTTP_PROTOCOL_') ? _HTTP_PROTOCOL_ : 'http://') . _SITE_URL_;
if (strpos($url, 'index.php')) {
$urlParam = explode('index.php/', $url);
} else {
$urlParam = explode($domain, $url);
}
if (empty($urlParam[1])) {
$urlParam[1] = $config['default_controller'] . "/" . $config['default_method'];
}
if (!empty($routes) && isset($routes[$urlParam[1]]) && $routes[$urlParam[1]] != '') {
$urlParams = $routes[$urlParam[1]];
} else {
$urlParams = $urlParam[1];
}
$strRequest = explode('/', $urlParams);
$controllerName = ucwords($strRequest[0]);
if (!isset($strRequest[1])) {
$methodName = 'index';
} else {
$methodName = $strRequest[1];
}
try {
$getMethodFunc = methodCheck($controllerName, $methodName);
if (false === $getMethodFunc) {
die("This function is not exist in your system.");
}
} catch (Exception $e) {
die($e->getMessage());
}
