pics/controllers/Login.php

<?php
/*****************************************************************************
 * Login.php
 * Contains the controller for logging the user in.
 *
 * Kabuki CMS (C) 2013-2015, Aaron van Geffen
 *****************************************************************************/

class Login extends HTMLController
{
	public function __construct()
	{
		// No need to log in twice, dear heart!
		if (Registry::get('user')->isLoggedIn())
		{
			if (Registry::get('user')->isAdmin())
				header('Location: ' . BASEURL . '/admin/');
			else
				header('Location: ' . BASEURL . '/');
			exit;
		}

		// Sanity check
		$login_error = false;
		if (isset($_POST['emailaddress'], $_POST['password']))
		{
			if (Authentication::checkPassword($_POST['emailaddress'], $_POST['password']))
			{
				parent::__construct('Login');
				$_SESSION['user_id'] = Authentication::getUserId($_POST['emailaddress']);

				if (isset($_POST['redirect_url']))
					header('Location: ' . base64_decode($_POST['redirect_url']));
				elseif (isset($_SESSION['login_url']))
					header('Location: ' . $_SESSION['redirect_url']);
				else
					header('Location: ' . BASEURL . '/admin/');
				exit;
			}
			else
				$login_error = true;
		}

		parent::__construct('Log in');
		$this->page->appendStylesheet(BASEURL . '/css/admin.css');
		$form = new LogInForm('Log in');
		if ($login_error)
			$form->setErrorMessage('Invalid email address or password.');

		// Tried anything? Be helpful, at least.
		if (isset($_POST['emailaddress']))
			$form->setEmail($_POST['emailaddress']);

		$this->page->adopt($form);
	}
}