// If the request is post, try and log them in
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
// check whether the posted fields are empty
if (!empty($_POST['login']['studentId']) && !empty($_POST['login']['password'])) {
// try and log the user in
// block default accounts for demo
if (in_array($_POST['login']['studentId'], ['11111111', '22222222'])) {
Session::setError('Your Student ID or Password was incorrect or the account does not exist, please try again.');
Session::redirect('/login');
}
if (User::attemptLogin($_POST['login']['studentId'], $_POST['login']['password'])) {
$_SESSION['studentId'] = $_POST['login']['studentId'];
if ($_POST['login']['rememberMe'] == 'yes') {
$_SESSION['expiry'] = 0;
} else {
Session::setExpiry();
}
Session::setSuccess('You have successfully been logged in.');
if (User::firstUse($_SESSION['studentId'])) {
Session::redirect('/register');
}
Session::redirect('/');
} else {
Session::setError('Your Student ID or Password was incorrect or the account does not exist, please try again.');
Session::redirect('/login');
}
} else {
// set error message and redirect
Session::setError('Unable to log you in, one or more fields was empty');
Session::redirect('/login');
}
