login_handler

1. <?php  
2.  
3. if(isset($_POST['login_button'])) {
4.  
5.     $email = filter_var($_POST['log_email'], FILTER_SANITIZE_EMAIL); //sanitize email
6.  
7.     $_SESSION['log_email'] = $email; //Store email into session variable
8.     $password = md5($_POST['log_password']); //Get password
9.  
10.     $check_database_query = mysqli_query($con, "SELECT * FROM users WHERE email='$email' AND password='$password'");
11.     $check_login_query = mysqli_num_rows($check_database_query);
12.  
13.     if($check_login_query == 1) {
14.         $row = mysqli_fetch_array($check_database_query);
15.         $username = $row['username'];
16.  
17.         $user_closed_query = mysqli_query($con, "SELECT * FROM users WHERE email='$email' AND user_closed='yes'");
18.         if(mysqli_num_rows($user_closed_query) == 1) {
19.             $reopen_account = mysqli_query($con, "UPDATE users SET user_closed='no' WHERE email='$email'");
20.         }
21.  
22.         $_SESSION['username'] = $username;
23.         header("Location: index.php");
24.         exit();
25.     }
26.     else {
27.         array_push($error_array, "Email or password was incorrect<br>");
28.     }
29.  
30.  
31. }
32.  
33. ?>