public function loginAction() { if(isset($_POST['username']) && isse

1. public function loginAction()
2. {
3. if(isset($_POST['username']) && isset($_POST['psw'])
4. && isset($_POST['submit']))
5. {
6. $arr = [];
7. $username = htmlentities($_POST['username']);
8. $password = htmlentities($_POST['psw']);
9. $manager = new UserManager();
10. $getUserData = $manager->loginUser($username, $password);
11. $arr['user'] = $_SESSION['username'];
12. var_dump($arr);
13. }
14. return $this->render('login.html.twig', $arr);
15. }
16.  
17. public function loginUser($user, $password)
18. {
19. if(isset($user) && isset($password)
20. && isset($_POST['submit']))
21. {
22. $hashedPwd = hash(md5, $password);
23. $dbm = DBManager::getInstance();
24. $pdo = $dbm->getPdo();
25.  
26. $stmt = $pdo->prepare("SELECT * FROM `Users`(`username`, `password`)
27. VALUES (:username, :pwd)");
28. $stmt->bindParam(':username', $user);
29. $stmt->bindParam(':pwd', $hashedPwd);
30.  
31. $stmt->execute();
32. $result = $stmt->fetchAll();
33.  
34. return $result;
35. }
36. }
37.  
38. <form action="?action=login" method="POST">
39. <input type="text" placeholder="username" name="username"><br>
40. <input type="password" placeholder="password" name="psw"><br>
41. <button type="submit" name="submit">Login boi</button>
42. </form>
43.  
44. <p>Hello {{ user }}</p>
45.  
46. protected function render($view, $data = [])
47. {
48. global $twig;
49. $template = $twig->load($view);
50. $response = $template->render($data);
51.  
52. return $response;
53. }