title = "Login" url = "/" layout = "login" is_hidden = 0 == addJs('assets/js/login.js'); } function onLogin(){ $email = $_POST['email']; $password = $_POST['password']; $userPassword = Db::select('select * from custom_users WHERE email="'.$email.'" '); //if no results are returned then return an error message saying that the email address does not have an account if( count($userPassword) == 0 ){ return 'error'; }else { // if there is an email in the DB then check the password //if the password match then create session variables and redirect to report page if (Hash::check($password, $userPassword[0]->password)) { // The passwords match... Session::put('userID',$userPassword[0]->id); Session::put('userEmail',$userPassword[0]->email); Session::put('userAccessLevel',$userPassword[0]->accessLevelCode); Session::save(); $lastLogin = date('Y-m-d H:i:s'); $ip = Request::ip(); Db::insert("UPDATE custom_users SET lastLogin=:lastLogin, lastIP=:ip WHERE id=:id",[$lastLogin,$ip,$userPassword[0]->id]); return Redirect::to('tickets'); }else{//return that the password is wrong return 'error2'; } } } ?> ==