web/public_php/ams/func/login.php

   1 <?php
   2 /**
   3 * This function is beign used to login a user.
   4 * It will first check if the sent POST data returns a match with the DB, if it does, some session variables will be appointed to the user and he will be redirected to the index page again.
   5 * If it didn't match, the template will be reloaded and a matching error message will be shown.
   6 * @author Daan Janssens, mentored by Matthew Lagoe
   7 */
   8 function login(){
   9         global $INGAME_WEBPATH;
  10         global $WEBPATH;
  11         try{
  12                 $login_value = filter_var($_POST['LoginValue'],FILTER_SANITIZE_STRING);
  13                 $password = filter_var($_POST['Password'],FILTER_SANITIZE_STRING);
  14
  15                 //check if the filtered sent POST data returns a match with the DB
  16                 $result = WebUsers::checkLoginMatch($login_value, $password);
  17
  18                 if( $result != "fail"){
  19                         //handle successful login
  20                         $_SESSION['user'] = $result['Login'];
  21                         $_SESSION['id'] = $result['UId'];
  22                         $_SESSION['ticket_user'] = serialize(Ticket_User::constr_ExternId($_SESSION['id']));
  23                         $user = new WebUsers($_SESSION['id']);
  24                         $_SESSION['Language'] = $user->getLanguage();
  25
  26                         $GETString = "";
  27                         foreach($_GET as $key => $value){
  28                                 $GETString = $GETString . $key . '=' . $value . "&";
  29                         }
  30                         if($GETString != ""){
  31                                 $GETString = '?'.$GETString;
  32                         }
  33
  34
  35                         //go back to the index page.
  36                 header("Cache-Control: max-age=1");
  37                         if (Helpers::check_if_game_client()) {
  38                                 header( 'Location: '. $INGAME_WEBPATH . $GETString);
  39                         }else{
  40                                 header( 'Location: '. $WEBPATH . $GETString);
  41                         }
  42                         throw new SystemExit();
  43                 }else{
  44                         //handle login failure
  45                         $result = Array();
  46                         $result['login_error'] = 'TRUE';
  47                         $result['no_visible_elements'] = 'TRUE';
  48                         helpers :: loadtemplate( 'login', $result);
  49                         throw new SystemExit();
  50                 }
  51
  52
  53         }catch (PDOException $e) {
  54              //go to error page or something, because can't access website db
  55              print_r($e);
  56              throw new SystemExit();
  57         }
  58
  59 }