From 754cb015a3cad85a64a75d5c9c15d8e3705e4dfc Mon Sep 17 00:00:00 2001
From: Alex Brand <47761373+pel-ex@users.noreply.github.com>
Date: Tue, 6 Jul 2021 23:42:53 +0100
Subject: [PATCH 1/2] Fixed login action

---
 index.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/index.php b/index.php
index 6daeedc..c84ce17 100644
--- a/index.php
+++ b/index.php
@@ -25,7 +25,7 @@
         <div class="vertical-center">
             <div class="inner-block">
 
-                <form action="" method="post">
+                <form action="controllers/login.php" method="post">
                     <h3>Login</h3>
 
                     <?php echo $accountNotExistErr; ?>
@@ -54,4 +54,4 @@
 
 </body>
 
-</html>
\ No newline at end of file
+</html>

From d0f5985d2f81d1dd0fb712f9f1224f5c3ed7c9e0 Mon Sep 17 00:00:00 2001
From: Alex Brand <47761373+pel-ex@users.noreply.github.com>
Date: Tue, 6 Jul 2021 23:43:31 +0100
Subject: [PATCH 2/2] security fix

---
 controllers/login.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/controllers/login.php b/controllers/login.php
index 5035996..e94db23 100644
--- a/controllers/login.php
+++ b/controllers/login.php
@@ -14,7 +14,7 @@
         $pswd = mysqli_real_escape_string($connection, $password_signin);
 
         // Query if email exists in db
-        $sql = "SELECT * From users WHERE email = '{$email_signin}' ";
+        $sql = "SELECT * From users WHERE email = '{$user_email}' ";
         $query = mysqli_query($connection, $sql);
         $rowCount = mysqli_num_rows($query);
 
@@ -91,4 +91,4 @@
 
     }
 
-?>    
\ No newline at end of file
+?>