6-4-1 接收表單，判斷帳密是否正確

一、增加一個流程

	case "login" :
		$msg = login();
		redirect_header("index.php", 3000, $msg);
		exit;

二、login()函數

#################################################
#  登入
#################################################
function login(){
	global $db;
	#過濾
	$_POST['email'] = db_CleanVars($_POST['email'], "email", FILTER_VALIDATE_EMAIL);
	$_POST['pass'] = db_CleanVars($_POST['pass'], "密碼");

	#撈出使用者
	
  $sql    = "SELECT * FROM `users` where `email`='{$_POST['email']}'";
  $result = $db->query($sql) or redirect_header(WEB_URL, 3000, "(".$db->connect_errno.")".$db->connect_error);
  
  $row = $result->fetch_assoc();


  if (password_verify($_POST['pass'], $row['pass'])) {
      $_SESSION['group'] = $row['group'];
      $_SESSION['name']  = htmlspecialchars($row['name'], ENT_QUOTES);
      $_SESSION['uid']   = intval($row['uid']);
      $_SESSION['email'] = htmlspecialchars($row['email'], ENT_QUOTES);
  } else {
  	redirect_header(WEB_URL, 3000, "登入失敗！");
  }
	return "登入成功！";
}

三、在head.php 做判斷是否為登入會員

#判斷是否登入
$member = isset($_SESSION['uid']) ? true : false;
$smarty->assign("member", $member);

四、在樣板判斷 <{$member}>

假如真，則畫面出現「登出」

假如假，則畫面出現「登入」or 「註冊」