You are already logged in...";
else:
//********** BEGIN CONTENT **********// ?>
User Login
prepare($query);
$stmt->execute(array(
':username' => $_POST['username']
));
$user = $stmt->fetchObject();
if ($user && $user->password == $hasher->CheckPassword($_POST['password'], $user->password)):
session_regenerate_id();
$_SESSION['user_id'] = $user->id;
$_SESSION['loggedIn'] = TRUE;
$_SESSION['signature'] = md5($user->id . $_SERVER['HTTP_USER_AGENT']);
$_SESSION['firstname'] = $user->firstname;
$_SESSION['lastname'] = $user->lastname;
session_write_close();
header("Location: index.php");
else:
header("Refresh:3; url=login.php", true, 303);
echo "Login failed, please try again...
";
endif;
endif;
?>