/*---------------------------start login---------------------------*/ if (isse

1. /*---------------------------start login---------------------------*/
2. if (isset($_POST['loginbutton'])) {
3.  
4. /* Clean username and encrypt the password */
5. $_POST['username'] = filter_var($_POST['username'], FILTER_SANITIZE_STRING);;
6. $_POST['password'] = User::hash_password($_POST['password']);
7.  
8.  
9. if(empty($_POST['username']) || empty($_POST['password'])) {
10. $_SESSION['error'][] = $language->global->error_message->empty_fields;
11.  
12. } elseif(!(bool) Database::simple_get('active', 'users', ['username' => $_POST['username']])) {
13. $_SESSION['error'][] = $language->login->error_message->user_not_active;
14.  
15. } elseif(User::login($_POST['username'], $_POST['password']) == true) {
16. if(isset($_POST['remember_me'])) {
17. setcookie('username', $_POST['username'], time()+60*60*24*30);
18. setcookie('password', $_POST['password'], time()+60*60*24*30);
19. setcookie('user_id', User::login($_POST['username'], $_POST['password']), time()+60*60*24*30);
20. User::insert_into_users_sessions($user_id);
21. }else{
22. $_SESSION['user_id'] = User::login($_POST['username'], $_POST['password']);
23. User::insert_into_users_sessions($user_id);
24. }
25. redirect();
26.  
27. }elseif(User::login($_POST['username'], $_POST['password']) == false){
28. echo "false";
29. $_SESSION['error'][] = $language->login->error_message->wrong_password;
30. }
31.  
32.  
33. }
34. /*---------------------------end login---------------------------*/
35.  
36. this is form
37.  
38.  
39. <form action="" method="post" id="loginform">
40. <?php display_notifications(); ?>
41. <div class="form-group">
42. <label><?php echo $language->login->input->username; ?></label>
43. <input type="text" id="username" name="username" class="form-control" placeholder="<?php echo $language->login->input->username; ?>" required/>
44. </div>
45. <div class="form-group">
46. <label><?php echo $language->login->input->password; ?></label>
47. <input type="password" id="password" name="password" class="form-control" placeholder="<?php echo $language->login->input->password; ?>" required/>
48. </div>
49. <div>
50. <center>
51. <label><?php echo $language->login->input->remember_me; ?>
52. <input type="checkbox" name="remember_me" data-toggle="toggle" data-style="ios" data-onstyle="success" data-offstyle="danger" data-on="<?php echo $language->login->input->yes; ?>" data-off="<?php echo $language->login->input->no; ?>" data-size="small">
53. </label>
54. </center>
55. </div>
56. <center>
57. <div class="form-group">
58. <input type="submit" id="loginbutton" name="loginbutton" class="blue-button btn-block">
59. </div>
60. </form>
61.  
62.  
63. public static function login($username, $password) {
64. global $database;
65. global $security;
66.  
67. $stmt = $database->prepare("SELECT `user_id` FROM `users` WHERE `username` = ? AND `password` = ?");
68. $stmt->bind_param('ss', $username, $password);
69. $stmt->execute();
70. $stmt->bind_result($result);
71. $stmt->fetch();
72. $stmt->close();
73.  
74. if(!is_null($result)) {
75. return $result;
76. }
77.  
78. else return false;
79. }