function login() { $this->set('post', $_POST); $errMsg['userName'] = formatErrorMsg($this->validate->checkBlank($_POST['userName'])); $errMsg['password'] = formatErrorMsg($this->validate->checkBlank($_POST['password'])); if (!$this->validate->flagErr) { $sql = "select u.*,ut.user_type from users u,usertypes ut where u.utype_id=ut.id and u.username='******'userName']) . "'"; $userInfo = $this->db->select($sql, true); if (!empty($userInfo['id'])) { if ($userInfo['password'] == md5($_POST['password'])) { if ($userInfo['status'] == 1) { $uInfo['userId'] = $userInfo['id']; $uInfo['userType'] = $userInfo['user_type']; Session::setSession('userInfo', $uInfo); Session::setSession('lang_code', $userInfo['lang_code']); if ($referer = isValidReferer($_POST['referer'])) { redirectUrl($referer); } else { redirectUrl(SP_WEBPATH . "/"); } } else { $errMsg['userName'] = formatErrorMsg($_SESSION['text']['login']["User inactive"]); } } else { $errMsg['password'] = formatErrorMsg($_SESSION['text']['login']["Password incorrect"]); } } else { $errMsg['userName'] = formatErrorMsg($_SESSION['text']['login']["Login incorrect"]); } } $this->set('errMsg', $errMsg); $this->index(); }
function login() { $_POST['userName'] = sanitizeData($_POST['userName']); $this->set('post', $_POST); $errMsg['userName'] = formatErrorMsg($this->validate->checkBlank($_POST['userName'])); $errMsg['password'] = formatErrorMsg($this->validate->checkBlank($_POST['password'])); if (!$this->validate->flagErr) { $sql = "select u.*,ut.user_type from users u,usertypes ut where u.utype_id=ut.id and u.username='******'userName']) . "'"; $userInfo = $this->db->select($sql, true); if (!empty($userInfo['id'])) { if ($userInfo['password'] == md5($_POST['password'])) { if ($userInfo['status'] == 1) { // if login after first installation if (!empty($_POST['lang_code']) && $_POST['lang_code'] != 'en') { $sql = "UPDATE `settings` SET set_val='" . addslashes($_POST['lang_code']) . "' WHERE set_name='SP_DEFAULTLANG'"; $this->db->query($sql); $sql = "UPDATE users SET lang_code='" . addslashes($_POST['lang_code']) . "' WHERE id=1"; $this->db->query($sql); $userInfo['lang_code'] = $_POST['lang_code']; } // update timezone if (!empty($_POST['time_zone'])) { $sql = "UPDATE `settings` SET set_val='" . addslashes($_POST['time_zone']) . "' WHERE set_name='SP_TIME_ZONE'"; $this->db->query($sql); } $uInfo['userId'] = $userInfo['id']; $uInfo['userType'] = $userInfo['user_type']; @Session::setSession('userInfo', $uInfo); @Session::setSession('lang_code', $userInfo['lang_code']); @Session::setSession('text', ''); if ($referer = isValidReferer($_POST['referer'])) { redirectUrl($referer); } else { redirectUrl(SP_WEBPATH . "/"); } } else { $errMsg['userName'] = formatErrorMsg($_SESSION['text']['login']["User inactive"]); } } else { $errMsg['password'] = formatErrorMsg($_SESSION['text']['login']["Password incorrect"]); } } else { $errMsg['userName'] = formatErrorMsg($_SESSION['text']['login']["Login incorrect"]); } } $this->set('errMsg', $errMsg); $this->index(); }
<link rel="stylesheet" type="text/css" href="assets/vendor/bootstrap/css/bootstrap.min.css"/> <link rel="stylesheet" type="text/css" href="assets/vendor/bootstrap/css/bootstrap-theme.min.css"/> <link href='//fonts.googleapis.com/css?family=Lato:300,400,700,900&subset=latin,latin-ext' rel='stylesheet' type='text/css'> <link rel="stylesheet" type="text/css" href="assets/css/style.css"/> <script> (function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){ (i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o), m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m) })(window,document,'script','//www.google-analytics.com/analytics.js','ga'); ga('create', 'UA-62959990-1', 'auto'); </script> </head> <body> <?php if (isset($_GET['status']) && $_GET['status'] == 'success' && !isset($_SESSION['trans_id']) && isValidReferer()) { ?> <script> <?php $cookie = isset($_COOKIE['paymentOption']) ? intval($_COOKIE['paymentOption']) : ''; $_SESSION['trans_id'] = intval(uniqid(time())); ?> <?php if (!empty($cookie)) { ?> ga('require', 'ecommerce'); <?php if ($cookie == 1) { ?> ga('ecommerce:addTransaction', { 'id': '<?php