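<?php
/**
 * Admin login page.
 *
 * On POST, looks up an admin record through AdminModel and, when a row is
 * returned, stores its id, user and password columns in the session. If the
 * session already carries both admin markers, redirects to index.php.
 * Otherwise renders the login form.
 */
require 'app/inc/autoload.php';

if (isset($_POST) && !empty($_POST)) {
    // Only accept plain string credentials. A missing key or an array value
    // (e.g. "user[]=x") would otherwise reach the filter and md5() with the
    // wrong type.
    $has_credentials = isset($_POST['user'], $_POST['password'])
        && is_string($_POST['user'])
        && is_string($_POST['password']);

    if ($has_credentials) {
        $user = Filters::anti_sql_injection($_POST['user']);

        // NOTE(review): unsalted MD5 is not suitable for password storage.
        // Moving to password_hash()/password_verify() requires changing the
        // stored hashes and this lookup together, so it is only flagged here.
        $password = md5($_POST['password']);

        $admin_model = new AdminModel();

        // NOTE(review): the values in the two condition strings are masked in
        // this listing and are kept exactly as shown; as written they never
        // use $user or $password. If the real code concatenates those values
        // into the condition, the query is string-built SQL whose safety rests
        // entirely on Filters::anti_sql_injection(); prefer bound parameters
        // if AdminModel offers them.
        $admin_model->setCond('user = "******"');
        $admin_model->setCond('password = "******"');
        $load = $admin_model->load();

        if (!empty($load)) {
            // Issue a fresh session id on privilege change so an id that was
            // fixed before login does not become an authenticated session.
            // Presumably autoload.php starts the session; the guard keeps
            // this a no-op if it does not.
            if (session_status() === PHP_SESSION_ACTIVE) {
                session_regenerate_id(true);
            }

            $_SESSION['id_admin'] = $load[0]['id'];
            $_SESSION['user_admin'] = $load[0]['user'];
            // NOTE(review): this keeps the password hash in session storage.
            // The check below reads it, so it is left in place; confirm
            // whether other pages need it before dropping it.
            $_SESSION['password_admin'] = $load[0]['password'];
        }
    }
}

// Check login
if (isset($_SESSION['user_admin']) && isset($_SESSION['password_admin'])) {
    header('location: index.php');
    exit;
}

Template::getHeader();
?>
<div id="content">
    <form method="post" name="login" action="login.php">
        <div class="block_field">
            <label for="user">User</label>
            <input type="text" name="user" id="user" size="30" />
        </div>
        <div class="block_field">
            <label for="password">Password</label>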
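/**
 * Build the field => quoted-value map used for an insert.
 *
 * Fields listed in $this->remove_empty whose value in $this->data is empty
 * are first dropped from $this->fields. Each remaining field that exists in
 * $this->data is passed through Filters::anti_sql_injection(), optionally
 * through Filters::strip_tags() (when $this->strip_tags is set), then through
 * the per-field filter registered in $this->_filters, and finally wrapped in
 * double quotes. Fields absent from $this->data map to the literal '""'.
 *
 * @return array Field name => double-quoted value string.
 */
public function getData()
{
    // Drop fields that are flagged as removable and were supplied empty.
    if (count($this->remove_empty)) {
        foreach ($this->remove_empty as $field) {
            if (array_key_exists($field, $this->data) && $this->data[$field] == '') {
                $key = array_search($field, $this->fields);
                // array_search() returns false when the field is not listed;
                // unset($this->fields[false]) would silently remove index 0.
                if ($key !== false) {
                    unset($this->fields[$key]);
                }
            }
        }
    }

    // Apply escaping and formatting to the values.
    $values = array();
    foreach ($this->fields as $field) {
        if (!array_key_exists($field, $this->data)) {
            $values[$field] = '""';
            continue;
        }

        $treated_value = Filters::anti_sql_injection($this->data[$field]);
        if ($this->strip_tags) {
            $treated_value = Filters::strip_tags($treated_value);
        }

        if (array_key_exists($field, $this->_filters)) {
            // The filter name is invoked as code, resolved in this order:
            // global function, method on this object, static method on
            // Filters. $this->_filters must therefore only ever hold names
            // defined by the developer, never request data.
            //
            // NOTE(review): the filter runs after the SQL escaping step and
            // its output is not escaped again before being quoted below. A
            // filter that decodes or rewrites the value could reintroduce
            // quote characters; confirm every registered filter is safe in
            // this position.
            $filter = $this->_filters[$field];

            if (function_exists($filter)) {
                $treated_value = $filter($treated_value);
            } elseif (in_array($filter, get_class_methods($this), true)) {
                $treated_value = $this->{$filter}($treated_value);
            } elseif (in_array($filter, get_class_methods('Filters'), true)) {
                $treated_value = Filters::$filter($treated_value);
            }
        }

        // The value is embedded in a double-quoted SQL literal, so its safety
        // depends on what Filters::anti_sql_injection() escapes (not visible
        // here).
        $values[$field] = '"' . $treated_value . '"';
    }

    return $values;
}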