Source of: /ADI/auth-db-sessions/login_action_smarty.php

<?php
include_once 'db.php';
include_once 'model.php';

// Connect to database
$db = dbconnect($hostname,$db_name,$db_user,$db_passwd);

session_start();

// make basic input validation
if( $_POST['uid']=='' or $_POST['pwd']=='' ) {
  $_SESSION['message'] = 'Your user ID and password can not be empty';
 
  if (isset($_POST['uid']))
     $_SESSION['uid'] = $_POST['uid'];
  header("Location: login_smarty.php");
  exit();
}

// check user credentials
$user = login_user($db,$_POST['uid'], $_POST['pwd']);

if (empty($user)) {
  $_SESSION['message'] = 'Your user ID or password is incorrect, or you are not a
     registered user on this site. To register for instant
     access, click <a href="signup_smarty.php">here</a>.';
  if (isset($_POST['uid']))
     $_SESSION['uid'] = $_POST['uid'];   
  header("Location: login_smarty.php");
  exit();
}
else {
   $_SESSION['username'] = $user['fullname'];
   $_SESSION['email'] = $user['email'];
   $_SESSION['notes'] = $user['notes'];
   $_SESSION['userid'] = $user['userid'];
   $_SESSION['id'] = $user['id'];   
   unset($_SESSION['message']);
}


header("Location: index_smarty.php");
?>