pics/controllers/Login.php
Aaron van Geffen 7487068171 Allow resetting password through email.
This also adopts the use of an Alert template for error and success messages.
2017-11-09 17:00:34 +01:00

70 lines
1.9 KiB
PHP

<?php
/*****************************************************************************
* Login.php
* Contains the controller for logging the user in.
*
* Kabuki CMS (C) 2013-2015, Aaron van Geffen
*****************************************************************************/
class Login extends HTMLController
{
public function __construct()
{
// No need to log in twice, dear heart!
if (Registry::get('user')->isLoggedIn())
{
header('Location: ' . BASEURL . '/');
exit;
}
// Sanity check
$login_error = false;
if (isset($_POST['emailaddress'], $_POST['password']))
{
if (Authentication::checkPassword($_POST['emailaddress'], $_POST['password']))
{
parent::__construct('Login');
$_SESSION['user_id'] = Authentication::getUserId($_POST['emailaddress']);
if (isset($_POST['redirect_url']))
header('Location: ' . base64_decode($_POST['redirect_url']));
elseif (isset($_SESSION['login_url']))
{
unset($_SESSION['redirect_url']);
header('Location: ' . $_SESSION['redirect_url']);
}
else
header('Location: ' . BASEURL . '/');
exit;
}
else
$login_error = true;
}
parent::__construct('Log in - ' . SITE_TITLE);
$form = new LogInForm('Log in');
if ($login_error)
$form->adopt(new Alert('', 'Invalid email address or password.', 'error'));
// Tried anything? Be helpful, at least.
if (isset($_POST['emailaddress']))
$form->setEmail($_POST['emailaddress']);
// A message from the past/present/future?
if (isset($_SESSION['login_msg']))
{
$form->adopt(new Alert($_SESSION['login_msg'][0], $_SESSION['login_msg'][1], $_SESSION['login_msg'][2]));
unset($_SESSION['login_msg']);
}
// Going somewhere?
if (!empty($_GET['redirect']) && ($url = base64_decode($_GET['redirect'])))
{
$_SESSION['login_url'] = $url;
$form->setRedirectUrl($url);
}
$this->page->adopt($form);
}
}