function login()
{
$this->set('post', $_POST);
$errMsg['userName'] = formatErrorMsg($this->validate->checkBlank($_POST['userName']));
$errMsg['password'] = formatErrorMsg($this->validate->checkBlank($_POST['password']));
if (!$this->validate->flagErr) {
$sql = "select u.*,ut.user_type from users u,usertypes ut where u.utype_id=ut.id and u.username='******'userName']) . "'";
$userInfo = $this->db->select($sql, true);
if (!empty($userInfo['id'])) {
if ($userInfo['password'] == md5($_POST['password'])) {
if ($userInfo['status'] == 1) {
$uInfo['userId'] = $userInfo['id'];
$uInfo['userType'] = $userInfo['user_type'];
Session::setSession('userInfo', $uInfo);
Session::setSession('lang_code', $userInfo['lang_code']);
if ($referer = isValidReferer($_POST['referer'])) {
redirectUrl($referer);
} else {
redirectUrl(SP_WEBPATH . "/");
}
} else {
$errMsg['userName'] = formatErrorMsg($_SESSION['text']['login']["User inactive"]);
}
} else {
$errMsg['password'] = formatErrorMsg($_SESSION['text']['login']["Password incorrect"]);
}
} else {
$errMsg['userName'] = formatErrorMsg($_SESSION['text']['login']["Login incorrect"]);
}
}
$this->set('errMsg', $errMsg);
$this->index();
}
function login()
{
$_POST['userName'] = sanitizeData($_POST['userName']);
$this->set('post', $_POST);
$errMsg['userName'] = formatErrorMsg($this->validate->checkBlank($_POST['userName']));
$errMsg['password'] = formatErrorMsg($this->validate->checkBlank($_POST['password']));
if (!$this->validate->flagErr) {
$sql = "select u.*,ut.user_type from users u,usertypes ut where u.utype_id=ut.id and u.username='******'userName']) . "'";
$userInfo = $this->db->select($sql, true);
if (!empty($userInfo['id'])) {
if ($userInfo['password'] == md5($_POST['password'])) {
if ($userInfo['status'] == 1) {
// if login after first installation
if (!empty($_POST['lang_code']) && $_POST['lang_code'] != 'en') {
$sql = "UPDATE `settings` SET set_val='" . addslashes($_POST['lang_code']) . "' WHERE set_name='SP_DEFAULTLANG'";
$this->db->query($sql);
$sql = "UPDATE users SET lang_code='" . addslashes($_POST['lang_code']) . "' WHERE id=1";
$this->db->query($sql);
$userInfo['lang_code'] = $_POST['lang_code'];
}
// update timezone
if (!empty($_POST['time_zone'])) {
$sql = "UPDATE `settings` SET set_val='" . addslashes($_POST['time_zone']) . "' WHERE set_name='SP_TIME_ZONE'";
$this->db->query($sql);
}
$uInfo['userId'] = $userInfo['id'];
$uInfo['userType'] = $userInfo['user_type'];
@Session::setSession('userInfo', $uInfo);
@Session::setSession('lang_code', $userInfo['lang_code']);
@Session::setSession('text', '');
if ($referer = isValidReferer($_POST['referer'])) {
redirectUrl($referer);
} else {
redirectUrl(SP_WEBPATH . "/");
}
} else {
$errMsg['userName'] = formatErrorMsg($_SESSION['text']['login']["User inactive"]);
}
} else {
$errMsg['password'] = formatErrorMsg($_SESSION['text']['login']["Password incorrect"]);
}
} else {
$errMsg['userName'] = formatErrorMsg($_SESSION['text']['login']["Login incorrect"]);
}
}
$this->set('errMsg', $errMsg);
$this->index();
}
<link rel="stylesheet" type="text/css" href="assets/vendor/bootstrap/css/bootstrap.min.css"/>
<link rel="stylesheet" type="text/css" href="assets/vendor/bootstrap/css/bootstrap-theme.min.css"/>
<link href='//fonts.googleapis.com/css?family=Lato:300,400,700,900&subset=latin,latin-ext' rel='stylesheet'
type='text/css'>
<link rel="stylesheet" type="text/css" href="assets/css/style.css"/>
<script>
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,'script','//www.google-analytics.com/analytics.js','ga');
ga('create', 'UA-62959990-1', 'auto');
</script>
</head>
<body>
<?php
if (isset($_GET['status']) && $_GET['status'] == 'success' && !isset($_SESSION['trans_id']) && isValidReferer()) {
?>
<script>
<?php
$cookie = isset($_COOKIE['paymentOption']) ? intval($_COOKIE['paymentOption']) : '';
$_SESSION['trans_id'] = intval(uniqid(time()));
?>
<?php
if (!empty($cookie)) {
?>
ga('require', 'ecommerce');
<?php
if ($cookie == 1) {
?>
ga('ecommerce:addTransaction', {
'id': '<?php
