Ok I have a login system that worked fine untill yesterday, but this morning suddenly stopped working. I will try to describe the situation as clear as possible.
In my routes file I use the following route for the login section:
// Admin section
'/admin/login' => [
'controller' => 'Controller_Auth',
'action' => 'login',
],
In Controller_Auth the login Action is as follows:
public function loginAction()
{
$admin = new Model_Admin(Db::getInstance());
$error = null;
if ($admin->is_admin()) {
$admin->redirect('index.php');
}
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
if ($admin->attempt_login($_POST['email'], $_POST['password'])) {
$admin->redirect('/admin/');
}
$error = 'Email and/or password are wrong';
}
$view = new View('admin/login.php', compact('error'));
echo $view;
}
and Model_Admin contains the following:
public function loginAction()
{
$admin = new Model_Admin(Db::getInstance());
$error = null;
if ($admin->is_admin()) {
$admin->redirect('index.php');
}
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
if ($admin->attempt_login($_POST['email'], $_POST['password'])) {
$admin->redirect('/admin/');
}
$error = 'Email and/or password are wrong';
}
$view = new View('admin/login.php', compact('error'));
echo $view;
}
class Model_Admin extends DbModel
{
public function email_exists($email) {
$sql = "SELECT admin_id
FROM site_admins
WHERE email = ?
LIMIT 1";
$stmt = $this->pdo->prepare($sql);
$stmt->execute(array($email));
return $stmt->fetchColumn();
}
public function attempt_login($email, $password) {
$sql = "SELECT *
FROM site_admins
WHERE email = ?
LIMIT 1";
$stmt = $this->pdo->prepare($sql);
$stmt->execute(array($email));
if (!$data = $stmt->fetch( PDO::FETCH_OBJ )) {
return false;
}
if (!password_verify($password, $data->password)) {
return false;
}
$_SESSION['user'] = $data->email;
$_SESSION['name'] = $data->name;
return $data;
}
public function is_admin() {
return isset($_SESSION['user']);
}
public function redirect($url) {
header('Location: ' .$url);
}
}
But no matter what I try, I keep getting the error : Email and/or password are wrong
as set in Controller_Auth.
I used this website to check if maybe something was wrong with the hashed password, but that ia not the case either. I realy don’t see anything wrong