function handleLogin()
{
//showLog("handleLogin");
$ret = array('op' => 'login', 'msg' => 'Login Successful', 'error_code' => '0');
$email = $_POST["email"];
$password = $_POST["password"];
$dao = new DAOuser();
$user = $dao->getByEmailAndPassword($email, $password);
if ($user == NULL) {
$ret["error_code"] = "1";
$ret["msg"] = "Invalid username or password";
} else {
$ret["uid"] = $user->uid;
$session_dao = new DAOsession();
$start_time = date('Y-m-d H:i:s');
$time = time() + 3600;
$end_time = date('Y-m-d H:i:s', $time);
$session_vo = new session($ret["uid"], $start_time, $end_time);
$session_dao->save($session_vo);
//$ret["session_code"] = $session_vo->session_code;
}
echo json_encode($ret);
}
<?php
session_start();
include "admin/class.user.dao.php";
include_once 'db.php';
// check if user already logged in,
// then redirect to main page
if (isset($_SESSION['uid']) != "") {
header("Location: company.php");
}
$email = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string($_POST['password']);
$dao = new DAOuser();
$user = $dao->getByEmailAndPassword($email, $password);
// login failed
if ($user == null) {
//echo "<script>alert('Login Failed !!!!');</script>";
header("Location: index.php?ec=1");
} else {
// login OK
$_SESSION["uid"] = $user->uid;
header("Location: dashboard.php");
}
