<?php
require_once 'session.php';
require_once 'database.php';
require_once 'twig.php';
// A visitor whose session is already valid has no use for the login form:
// redirect to ./user and stop before any form handling or rendering runs.
if (Session::is_valid()) {
    header('Location: ./user');
    exit;
}
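// POST: Process form submission ===========================================
// Handles the two form actions of this page, 'login' and 'new_account'.
// On success a branch stores the user in the session, redirects and exits;
// on failure it sets $feedback, which the template rendered below displays.
// NOTE(review): no anti-CSRF token and no attempt throttling are checked in
// this handler; whether session.php or database.php covers them is not
// visible from this file - confirm.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $db = new Database();
    $db->connect();

    $is_login = isset($_POST['login']);
    $is_new_account = isset($_POST['new_account']);

    if ($is_login || $is_new_account) {
        $username = isset($_POST['username']) ? $_POST['username'] : null;
        $password = isset($_POST['password']) ? $_POST['password'] : null;

        // Bad POST request! Both fields must be present and must be plain
        // strings: PHP decodes `username[]=x` into an array, which would
        // otherwise reach trim()/strlen() and the Database layer.
        if (!is_string($username) || !is_string($password)) {
            http_response_code(400);
            exit();
        }
    }

    // The two actions are mutually exclusive. With two independent `if`s a
    // request carrying both fields would, after a failed login, fall through
    // and create an account with the same credentials.
    if ($is_login) {
        // Check username/password
        // NOTE(review): the username is used exactly as submitted here, while
        // account creation trims it - confirm check_user_credentials() copes
        // with surrounding whitespace.
        $user = $db->check_user_credentials($username, $password);

        if (empty($user)) {
            // One message for every failure, so the response does not say
            // which of the two fields was wrong.
            $feedback = 'Bad login!';
        } else {
            // NOTE(review): Session::set() is defined in session.php, not
            // shown here; confirm it issues a fresh session ID on login.
            Session::set($user);
            header('Location: ./');
            exit();
        }
    } elseif ($is_new_account) {
        // Error to display if the new user can't be created
        $feedback = null;

        // Surrounding whitespace is not part of the username
        $username = trim($username);

        if ($username === '') {
            // An empty name is not "taken"; report it as what it is.
            $feedback = 'Please enter a username.';
        } elseif ($db->user_exists($username)) {
            $feedback = 'Name taken, please choose another.';
        } elseif (strlen($password) < 8) {
            // strlen() counts bytes, so this is a minimum of 8 bytes.
            $feedback = 'Password too short';
        } else {
            // Username OK, Password OK: create new user
            // NOTE(review): the password is handed to new_user() as typed;
            // hashing presumably happens in database.php - confirm.
            $user = $db->new_user($username, $password);

            if (empty($user)) {
                // Something bad happened...
                $feedback = 'An error has occurred, please try again.';
            } else {
                // Everything fine, login user and redirect
                Session::set($user);
                header('Location: ./user');
                exit();
            }
        }
    }
}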
// GET: show login form ====================================================
// Also reached after a POST that neither redirected nor exited; in that case
// $feedback may hold the message to show. When it is unset or null the
// template receives an empty string.
if (!isset($feedback)) {
    $feedback = '';
}

echo $twig->render('login.twig', array('feedback' => $feedback));