This is because your first if statement is:
Which will return false for an inactive user, as your query is:
PHP Code:
$query = $this->db->get_where('users', ['email' => $email, 'password' => md5($password), 'active' => 1]);
Notice, the check for "active" => 1, meaning it won't return any records for inactive users.
So your first if statement returns false, hence going to the else clause which has:
PHP Code:
$this->session->set_flashdata("signin_failure", "Incorrect email or password");
So you probably need to check if the user is active
first, before checking if their username/password is correct.
I'd suggest splitting your "user_login" function into two distinct functions. One to check if the user is active, and one to test the user/pass combo.
Lastly, I noticed you're storing your password as md5 strings... this is a bad idea. It's not secure. Use bcrypt or similar.
