CTF/HTB/pollution/target/var.www.collect.app.controllers.login.php

<?php
use app\models\User;
$user = new User;

if(is_auth())
{
    die(redirect('/home'));
}

if(isset($_POST['username']) && !empty($_POST['username']) && isset($_POST['password']) && !empty($_POST['password']))
{

    if(!preg_match('/^[A-Za-z0-9]{1,20}$/',$_POST['username'])){
        set_flash('User with invalid characters');
        die(redirect('/login'));
    }

    $find = $user->find("username", $_POST['username']);

    if($find->username == $_POST['username'] && $find->password == md5($_POST['password']))
    {
        set_session($find->username, $find->role);
        die(redirect('/home'));
    }

    set_flash('Invalid credentials');

    die(redirect('/login'));
}

require '../app/views/login.php';