didats/Nginx configuration file

## added.css
.login-page header.header {
	display:none !important;
}

.login {
	width: 400px !important;
	margin: 10% auto !important;
}

## base.php
$app->before(function ($request, $app) {
	$request->getSession()->start();

	if (!preg_match("/login/", $request->getRequestUri())) {
		if(!checkingAuth()) {
			return $app->redirect($app['url_generator']->generate('login'));
		}
	}
});

$app->match('/login', function () use ($app) {
	$htmlData = array();
	if("POST" == $app['request']->getMethod()){

		foreach($_POST['form'] as $key => $value) {
			$$key = strip_tags($value);
		}
		$password = passwordShield($password);

		// checking the database
		$row = $app['db']->fetchAssoc("SELECT * FROM admins WHERE admin_username = ? AND admin_password = ?", array($username, $password));

		if(!$row) {
			// do nothing
			$htmlData['message'] = "Account not found";
		}
		else {
			// do session
			$app['session']->set('user', array('type' => $row['admin_type'], 'email' => $row['admin_email'], 'site_id' => $row['site_id'], 'username' => $username, 'password' => $password, 'last_login' => $row['last_login']));

			// execute update on last login
			$app['db']->executeUpdate("UPDATE admins SET last_login = NOW() WHERE admin_username = ? AND admin_password = ?", array($username, $password));

			$site = $app['db']->fetchAssoc("SELECT * FROM sites WHERE site_id = ?", array($row['site_id']));
			$app['session']->set('site', $site);

			return $app->redirect($app['url_generator']->generate('dashboard'));
		}

	}

    return $app['twig']->render('login.html.twig', $htmlData);

})
->bind('login');

$app->match("/logout", function() use($app) {

	$app['session']->clear();
	return $app->redirect($app['url_generator']->generate('login'));

})->bind("logout");

function passwordShield($str) {
	return md5($str."1r2i3m4b5u6n7e8s9i0a1");
}

function checkingAuth() {
	global $app;

	$user = $app['session']->get("user");

	if(!isset($user['site_id'])) {
		return false;
	}

	return true;
}

## login.twig.html
{% extends 'ag_base/backend.html.twig' %}

{% block body_params %}class="skin-black login-page"{% endblock %}

{% block container %}

    <div class="wrapper row-offcanvas row-offcanvas-left">

        <!-- Right side column. Contains the navbar and content of the page -->
        <form method="post" action="">
        <section class="login center">
        	<div class="row">
        		<div class="box">
        			<div class="box-body">

        				<div class="row">
			        		<div class="col-xs-12">
			        			<h1>Login</h1>
			        		</div>
			        	</div>
			        	<br />

			        	 <div class="form-group">
						    <label for="form_username">Username</label>
						    <input type="text" id="form_username" name="form[username]" class="form-control">
						</div>
						<div class="form-group">
						    <label for="form_password">Password</label>
						    <input type="password" id="form_password" name="form[password]" class="form-control">
						</div>

        			</div>

        			<div class="box-footer">
                        <button type="submit" class="btn btn-primary">Submit</button>
                    </div>

        		</div>
        	</div>
        </section>
        </form>

    </div><!-- ./wrapper -->

{% endblock %}

## Nginx configuration file
server {
        listen 80;
        server_name example.com;
        root /usr/share/nginx/example.com/web;
        index index.php index.html;

        location ~* ^/(assets|files|robots\.txt) { }

        location / {
                if (-f $request_filename) {
                        expires max;
                        break;
                }

                rewrite ^(.*) /index.php last;
        }

         location ~ \.php$ {
                fastcgi_split_path_info ^(.+\.php)(/.+)$;
                fastcgi_pass unix:/var/run/php5-fpm.sock;
                fastcgi_index index.php;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                include fastcgi_params;
        }

}
	$app->before(function ($request, $app) {
	$request->getSession()->start();

	if (!preg_match("/login/", $request->getRequestUri())) {
	if(!checkingAuth()) {
	return $app->redirect($app['url_generator']->generate('login'));
	}
	}
	});

	$app->match('/login', function () use ($app) {
	$htmlData = array();
	if("POST" == $app['request']->getMethod()){

	foreach($_POST['form'] as $key => $value) {
	$$key = strip_tags($value);
	}
	$password = passwordShield($password);

	// checking the database
	$row = $app['db']->fetchAssoc("SELECT * FROM admins WHERE admin_username = ? AND admin_password = ?", array($username, $password));

	if(!$row) {
	// do nothing
	$htmlData['message'] = "Account not found";
	}
	else {
	// do session
	$app['session']->set('user', array('type' => $row['admin_type'], 'email' => $row['admin_email'], 'site_id' => $row['site_id'], 'username' => $username, 'password' => $password, 'last_login' => $row['last_login']));

	// execute update on last login
	$app['db']->executeUpdate("UPDATE admins SET last_login = NOW() WHERE admin_username = ? AND admin_password = ?", array($username, $password));

	$site = $app['db']->fetchAssoc("SELECT * FROM sites WHERE site_id = ?", array($row['site_id']));
	$app['session']->set('site', $site);

	return $app->redirect($app['url_generator']->generate('dashboard'));
	}

	}

	return $app['twig']->render('login.html.twig', $htmlData);

	})
	->bind('login');

	$app->match("/logout", function() use($app) {

	$app['session']->clear();
	return $app->redirect($app['url_generator']->generate('login'));

	})->bind("logout");

	function passwordShield($str) {
	return md5($str."1r2i3m4b5u6n7e8s9i0a1");
	}

	function checkingAuth() {
	global $app;

	$user = $app['session']->get("user");

	if(!isset($user['site_id'])) {
	return false;
	}

	return true;
	}
	{% extends 'ag_base/backend.html.twig' %}

	{% block body_params %}class="skin-black login-page"{% endblock %}

	{% block container %}

	<div class="wrapper row-offcanvas row-offcanvas-left">

	<!-- Right side column. Contains the navbar and content of the page -->
	<form method="post" action="">
	<section class="login center">
	<div class="row">
	<div class="box">
	<div class="box-body">

	<div class="row">
	<div class="col-xs-12">
	<h1>Login</h1>
	</div>
	</div>
	<br />

	<div class="form-group">
	<label for="form_username">Username</label>
	<input type="text" id="form_username" name="form[username]" class="form-control">
	</div>
	<div class="form-group">
	<label for="form_password">Password</label>
	<input type="password" id="form_password" name="form[password]" class="form-control">
	</div>

	</div>

	<div class="box-footer">
	<button type="submit" class="btn btn-primary">Submit</button>
	</div>

	</div>
	</div>
	</section>
	</form>

	</div><!-- ./wrapper -->

	{% endblock %}
	server {
	listen 80;
	server_name example.com;
	root /usr/share/nginx/example.com/web;
	index index.php index.html;

	location ~* ^/(assets\|files\|robots\.txt) { }

	location / {
	if (-f $request_filename) {
	expires max;
	break;
	}

	rewrite ^(.*) /index.php last;
	}

	location ~ \.php$ {
	fastcgi_split_path_info ^(.+\.php)(/.+)$;
	fastcgi_pass unix:/var/run/php5-fpm.sock;
	fastcgi_index index.php;
	fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
	include fastcgi_params;
	}

	}