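redirectToDashboard();
}

/*
 * Login form handler.
 *
 * On POST: opens a database connection, validates the submitted email and
 * password, looks the user up by email, verifies the password, checks the
 * email_verified and status columns, then establishes the session, optionally
 * issues a 30-day "remember me" token, and redirects to dashboard.php.
 * Any problem is appended to $errors for the template below to display;
 * $form_data['email'] carries the submitted email back into the form.
 *
 * NOTE(review): no CSRF token check and no failed-attempt throttling or lockout
 * is visible in this handler - confirm both are enforced elsewhere.
 * NOTE(review): $errors and $form_data are rendered outside this view; make
 * sure the template HTML-escapes them at output time.
 */
$errors = [];
$form_data = [];

// Handle form submission
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Initialize database
    try {
        $db = new Database();
        $pdo = $db->getConnection();
    } catch (Exception $e) {
        logError('Database connection failed in login.php: ' . $e->getMessage());
        $errors[] = 'System error. Please try again later.';
    }

    if (empty($errors)) {
        // Accept only string values. A request such as email[]=x or password[]=x
        // arrives as an array; treating it as missing keeps it on the normal
        // validation path instead of passing an array into the helpers below.
        $email = (isset($_POST['email']) && is_string($_POST['email']))
            ? sanitize($_POST['email'])
            : '';
        // The password is deliberately not sanitized: it is only ever compared
        // against the stored hash, and altering it would change what is verified.
        $password = (isset($_POST['password']) && is_string($_POST['password']))
            ? $_POST['password']
            : '';
        $rememberMe = isset($_POST['remember_me']);

        // Store email for form repopulation
        $form_data['email'] = $email;

        // Validation
        if (empty($email) || empty($password)) {
            $errors[] = 'Please provide both email and password.';
        } elseif (!validateEmail($email)) {
            $errors[] = 'Please provide a valid email address.';
        } else {
            try {
                // Find user by email (parameterized query)
                $stmt = $pdo->prepare(" SELECT id, email, password, email_verified, status, last_login FROM users WHERE email = ? ");
                $stmt->execute([$email]);
                $user = $stmt->fetch();

                if (!$user) {
                    // Same user-facing message as a wrong password, so the response
                    // text does not reveal whether the account exists.
                    // NOTE(review): this branch skips the password hash comparison,
                    // so unknown emails may answer measurably faster than known ones;
                    // consider verifying against a fixed dummy hash to even out timing.
                    logError('Login attempt with non-existent email', ['email' => $email]);
                    $errors[] = 'Invalid email or password.';
                } elseif (!verifyPassword($password, $user['password'])) {
                    logError('Login attempt with incorrect password', ['email' => $email]);
                    $errors[] = 'Invalid email or password.';
                } elseif (!$user['email_verified']) {
                    // Reached only after the password has been verified, so the
                    // account-state messages below are shown to the credential holder only.
                    $errors[] = 'Please verify your email address before logging in. Check your inbox for the verification link.';
                } elseif ($user['status'] !== 'active') {
                    $message = 'Your account is currently ' . $user['status'] . '.';
                    if ($user['status'] === 'suspended') {
                        $message .= ' Please contact support for assistance.';
                    }
                    $errors[] = $message;
                } else {
                    // Login successful - create session.
                    // Only start a session if one is not already active, to avoid a
                    // notice when an include has started it earlier.
                    if (session_status() !== PHP_SESSION_ACTIVE) {
                        session_start();
                    }
                    // Issue a fresh session ID at the privilege change so an ID that
                    // was set or observed before authentication cannot be reused
                    // for the authenticated session (session fixation).
                    session_regenerate_id(true);

                    $_SESSION['user_id'] = $user['id'];
                    $_SESSION['user_email'] = $user['email'];
                    $_SESSION['logged_in'] = true;
                    $_SESSION['login_time'] = time();

                    // Update last login time
                    $stmt = $pdo->prepare("UPDATE users SET last_login = NOW() WHERE id = ?");
                    $stmt->execute([$user['id']]);

                    // Set remember me cookie if requested (30 days)
                    if ($rememberMe) {
                        $sessionToken = generateSecureToken();
                        // NOTE(review): expires_at is formatted in PHP's timezone but later
                        // compared with MySQL NOW(); confirm both use the same timezone.
                        $expiresAt = date('Y-m-d H:i:s', strtotime('+30 days'));

                        // Store session token in database.
                        // NOTE(review): the token is stored exactly as issued. Storing only
                        // a hash of it would keep a leaked user_sessions table from yielding
                        // usable tokens, but the code that validates remember_token is
                        // outside this view and would need the matching change.
                        $stmt = $pdo->prepare(" INSERT INTO user_sessions (user_id, session_token, expires_at) VALUES (?, ?, ?) ON DUPLICATE KEY UPDATE session_token = VALUES(session_token), expires_at = VALUES(expires_at) ");
                        $stmt->execute([$user['id'], $sessionToken, $expiresAt]);

                        // Set cookie: path '/', host-only, Secure and HttpOnly both on.
                        // NOTE(review): no SameSite attribute is set here; consider adding
                        // one if the deployed PHP version supports the options-array form.
                        setcookie('remember_token', $sessionToken, time() + (30 * 24 * 60 * 60), '/', '', true, true);
                    }

                    // Clean up expired sessions
                    $pdo->prepare("DELETE FROM user_sessions WHERE expires_at < NOW()")->execute();

                    // Log successful login (routed through the same logError helper)
                    logError('User login successful', [
                        'user_id' => $user['id'],
                        'email' => $user['email'],
                        'remember_me' => $rememberMe
                    ]);

                    // Redirect to dashboard
                    header('Location: dashboard.php');
                    exit;
                }
            } catch (PDOException $e) {
                // Details go to the log only; the user sees a generic message.
                logError('Database error during login', [
                    'error' => $e->getMessage(),
                    'email' => $email
                ]);
                $errors[] = 'Login failed due to a system error. Please try again later.';
            } catch (Exception $e) {
                logError('General error during login', [
                    'error' => $e->getMessage(),
                    'email' => $email
                ]);
                $errors[] = 'An unexpected error occurred. Please try again later.';
            }
        }
    }
}
?> Login - Relevant Reflex Paid Online Surveys India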

Login to your Account!

You can take paid online surveys, redeem your reward points and update your profile - all in one place.