real_escape_string($_POST['username']);
$authcreds['password'] = $mysqli->real_escape_string($_POST['password']);
if(strstr($authcreds['username'], ' ')) {
$authcreds['username'] = trim($authcreds['username']);
}
$authed = $polrauth->processlogin($authcreds['username'],$authcreds['password']);
if($authed==true) {
$_SESSION['li'] = sha1('li');
$_SESSION['username'] = $authcreds['username'];
$_SESSION['role'] = $polrauth->getrole($authcreds['username']);
header('Location:index.php');
}
else {
require_once('header.php');
echo 'Incorrect password or username (or account not activated). Try again
';
require_once('footer.php');
die();
}