function process_login() { // Validate credentials $sid = DB::queryFirstField('SELECT school_id FROM schools WHERE school_id=%i AND access_code=%s LIMIT 1', $_GET['ID'], $_GET['Code']); if (!$sid) { trigger_error('Incorrect login data', E_USER_ERROR); } // ** CREDENTIALS ARE VALIDATED AT THIS POINT ** // lmt_set_login_data($sid); header('Location: Home'); }
<h1>Error</h1> Whoops! Something went wrong. Try again? HEREDOC; } } } die; } if ($CATCH_ERRORS) { set_error_handler('lmt_custom_errors', E_ERROR | E_PARSE | E_USER_ERROR); error_reporting(E_ERROR | E_PARSE | E_USER_ERROR); } // refresh cached data (name, permissions) every 1 min. if (isset($_SESSION['LMT_user_id']) && time() >= $_SESSION['LMT_last_refresh'] + 60) { lmt_set_login_data($_SESSION['LMT_user_id']); } // everyone gets logged out after 2 hours, no matter what // (this is in case an account is compromised without the password, i.e. left logged // in somewhere, or via intercepted verification email). Not that that's our most // significant worry. if (isset($_SESSION['LMT_user_id']) && isset($_SESSION['LMT_login_time']) && time() >= $_SESSION['LMT_login_time'] + 7200) { die('Signing Out... | ' . $_SESSION['LMT_user_id'] . ' | ' . $_SESSION['LMT_login_time'] . ' | ' . time()); } //header('Location: ' . URL::lmt() . '/Registration/Signout'); /* * map_value($key) * Returns the value associated with the given key * in the LMT map, or null if it does not exist. * * Map, as in a "mapping" in math. Makes life easier