<?php require_once 'assets/php/main.php'; /*-------------------------------------------------- Handle visits with a login token. If it is valid, log the person in. ---------------------------------------------------*/ if (isset($_GET['tkn'])) { // Is this a valid login token? $user = User::findByToken($_GET['tkn']); if ($user) { // Yes! Login the user and redirect to the protected page. $user->login(); redirect('protected.php'); } // Invalid token. Redirect back to the login form. redirect('index.php'); } /*-------------------------------------------------- Handle logging out of the system. The logout link in protected.php leads here. ---------------------------------------------------*/ if (isset($_GET['logout'])) { $user = new User(); if ($user->loggedIn()) { $user->logout(); } redirect('index.php'); } /*-------------------------------------------------- Don't show the login page to already