// connect to db
if ($success) {
$row = UserHelper::getUserRow($db, $_POST["email"], md5($_POST["password"]));
if ($row === false) {
$success = false;
$message = "<span class=\"feedbackNegative\">Invalid login details</span>";
} else {
// restart the session, so there can never be an overlap on one machine.
// all operations are checked atomically
session_unset();
session_destroy();
session_start();
// $sessionid = session_id();
SessionHelper::setSession($row);
CookieHelper::setLoginUser($_POST["email"]);
CookieHelper::setLoginPass(md5($_POST["password"]));
}
}
//
if ($success) {
// they logged in using the form, send redirect headers
// echo "SUCCESS " . print_r($_POST); exit;
if ($from) {
header("Location: " . $from);
} else {
if (SessionHelper::isAdmin()) {
header("Location: report_time.php");
} else {
header("Location: .");
}
}