$error = true; header("Location: ../index.php?login_error=empty"); } else { if (!validateText($user, 2, 20)) { $error = true; header("Location: ../index.php?login_error=user"); } else { if (!validateText($userPassword, 10, 50)) { $error = true; header("Location: ../index.php?login_error=pw"); } else { if (!$db->userExists($user)) { $error = true; header("Location: ../index.php?login_error=nonexistent"); } else { if (!$db->checkPassword($user, $userPassword)) { $error = true; header("Location: ../index.php?login_error=wrongpw"); } } } } } if (!$error) { $_SESSION['username'] = $user; $_SESSION['db'] = $db; $_SESSION['user'] = new User($user); // success! header("Location: ../index.php"); } }