Файл: app/index/index.php
Строк: 28
<?php
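/**
 * Front controller for the site root: shows the user page to an authenticated
 * visitor, otherwise renders and processes the login form.
 *
 * Security notes for maintainers:
 *  - Credentials are bound as statement parameters, never concatenated into SQL.
 *  - The query compares the submitted password directly with the `password`
 *    column. Unless hashing happens somewhere outside this file, that column
 *    holds plaintext passwords; migrate to password_hash()/password_verify().
 *  - The `token` cookie value is read straight from the `users` row, so the
 *    same token is handed out on every login. NOTE(review): consider issuing a
 *    fresh random token per session and rotating it on logout.
 */
class index extends Controller
{
    /**
     * Render the user page, or handle a login attempt.
     *
     * On a successful login the user's token is stored in the `token` cookie
     * and the browser is redirected to "/". On failure the template receives
     * an error message in `err`.
     */
    public function main()
    {
        if ($this->user->isAuth()) {
            $this->tpl->user = $this->user;
            $this->tpl->run('user');
            return;
        }

        $this->tpl->err = null;

        if (filter_has_var(INPUT_POST, 'submit')) {
            // filter_input() yields null (field missing) or false (e.g. an array
            // was posted); the cast turns both into '' instead of passing a
            // non-string to trim().
            $login = trim((string) filter_input(INPUT_POST, 'login', FILTER_UNSAFE_RAW));
            // Trimming the password is kept for compatibility with existing
            // accounts, although it silently alters what the user typed.
            $password = trim((string) filter_input(INPUT_POST, 'password', FILTER_UNSAFE_RAW));

            // Parameterized query: the original built this statement by string
            // concatenation, which let the login/password fields rewrite the SQL.
            // Assumes DB::run() returns a PDO instance (it is used with
            // query()->fetchColumn() elsewhere) — TODO confirm.
            $stmt = DB::run()->prepare(
                'SELECT * FROM `users` WHERE `login` = ? AND `password` = ? LIMIT 1'
            );
            $stmt->execute([$login, $password]);
            $user = $stmt->fetch();

            if ($user === false) {
                // One generic message for both "no such user" and "wrong
                // password", so the form does not reveal which logins exist.
                $this->tpl->err = 'Неверный логин или пароль.';
            } else {
                // NOTE(review): this lifetime is roughly 31 years; current
                // browsers cap cookie lifetimes far below that, and a token
                // that never expires server-side stays usable if it leaks.
                $this->writeTokenCookie($user['token'], time() + 60 * 60 * 24 * 31 * 365);
                header('location: /');
                exit;
            }
        }

        $this->tpl->run();
    }

    /**
     * Clear the `token` cookie and redirect to "/".
     *
     * NOTE(review): this only expires the browser cookie; nothing in this
     * method invalidates the token stored in `users`, so a copy of the token
     * remains valid after logout. If this action is reachable with a plain
     * GET request it can also be triggered cross-site — confirm the routing.
     */
    public function logout()
    {
        $this->writeTokenCookie('', time() - 60 * 60 * 24 * 31 * 365);
        header('location: /');
        exit;
    }

    /**
     * Send the `token` cookie with hardened attributes.
     *
     * HttpOnly keeps the token out of reach of page scripts; Secure is set
     * whenever the current request arrived over HTTPS. Behind a TLS-terminating
     * proxy $_SERVER['HTTPS'] may be unset, in which case the cookie is sent
     * without Secure (the previous behaviour). SameSite is not set because the
     * positional setcookie() signature used here cannot express it.
     *
     * @param string $value   Cookie value ('' to delete).
     * @param int    $expires Expiry as a Unix timestamp.
     */
    private function writeTokenCookie($value, $expires)
    {
        $secure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
        setcookie('token', $value, $expires, '/', '', $secure, true);
    }
}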