// print $ip;
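// Read the submitted credentials without assuming the fields are present or
// well-formed. A request that omits a field would otherwise raise an
// "Undefined array key" warning, and one that sends it as an array
// (e.g. username[]=x) would reach the string functions further down as a
// non-string. Anything that is not a string becomes null, which the isset()
// guard that follows treats as "not submitted".
$username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : null;
$password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : null;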
// Proceed only if both fields were submitted (isset() tests for non-null, not for non-empty)
if (isset($username) && isset($password)) {
    $username = stripcslashes($username);
    $passoword = stripcslashes($password);
    $mainController = new LoginController();
    $ip = $mainController->getRealIpAddr();
    $record = $mainController->getLoginRecordByIp($ip);
    // Run validations
    if (Validate::username($username) && Validate::password($password)) {
        $username = preg_replace("/[^a-zA-Z0-9_\\-]+/", "", $username);
        // user credentials passed the validations
        $publicUser = new PublicUser($username, $password);
        $result = $publicUser->getUserByUsername($username);
        if ($result) {
            // username found
            if (password_verify($password, $result['password']) && (int) $result['blocked'] !== 1) {
                print_r($result);
                $user = new User($result['username'], $result['password'], $result['administrator']);
                $_SESSION["usertype"] = $user->getUserPrivilege();
                $_SESSION["username"] = $user->getUsername();
                $_SESSION["ip"] = $user->getRealIpAddr();
                header("location:frontend/index.php");
                exit;
            } elseif ((int) $result['blocked'] === 1) {
                header("location:blocked.html");
                exit;
            } else {
                //******wrap it in a function********//