Untitled

$(document).ready(function () {

        // jQuery validate plugin
        $('#login > form').validate({

            rules: {
                username: { required: true },
                password: { required: true }
            },

            submitHandler: function () {

                var credentials = {
                    "username": $('#username').val(),
                    "password": $('#password').val()
                };

                $.post('ajax/tryLogin.php', credentials)
                    .done(function (data) {

                        if (data.hasOwnProperty('success') &&
                            data['success']) {

                            window.location = 'catalog.php';

                        } else if (data.hasOwnProperty('message')) {

                            alert(data['message']);
                        } else {
                            alert('Communication with the server failed.');
                        }
                    })
                    .fail(function () {
                        alert('Communication with the server failed.');
                    })
            }
        });
    });

if (empty($_POST['username']) || empty($_POST['password'])) {
    $data['success'] = false;
    $data['message'] = 'Username and password are required.';

} else {

    try {
        $data['success'] = Security::TryLogin($_POST['username'], $_POST['password']);
    } catch (Exception $e) {

        $data['success'] = false;
        $data['message'] = $e->getMessage();
    }
}
header('Content-type: application/json');
echo json_encode($data);

class Security
{

    //...

    public static function TryLogin($username, $password)
    {
        $username = strtolower($username);
        $password = sha1($password . $username);

        try {
            $user = Users::FindByUsernameAndPassword($username, $password);

            if (session_id() == '') {
                session_start();
            }

            $_SESSION[self::USER_IDENTIFIER] = $user;

            return true;

        } catch (Exception $e) {
            throw new Exception('Username of password incorrect.');
        }
    }

    //...

}

<?php

include_once('config.php');
include_once(ROOT . 'libs/database.php');
include_once(ROOT . 'libs/models/user.php');

class Security
{

    //...

    public static function TryLogin($username, $password)
    {
        $username = strtolower($username);
        $password = sha1($password . $username);

        $conn = Database::getConnection();
        if (empty($conn)) {
            throw new Exception('The connection to the database failed.');
        }

        $result = odbc_exec($conn, '{CALL [BruPartsOrderDb].[dbo].[tryLogin]("' . $username . '", "' . $password . '")}');
        if (empty($result)) {
            throw new Exception('The execution of the query failed.');
        }

        $row = odbc_fetch_row($result);
        if (empty($row)) {
            throw new Exception('Username or password incorrect.');
        }

        if (session_id() == '') {
            session_start();
        }

        $_SESSION['user'] = new User(odbc_result($result, 'id'), $username);

        return true;
    }

    //...
}