if (!empty($emailmatches[1])) {
            $field = 'email';
        } else {
            $form->errors[] = "No user found with username or email <strong>" . $unvalue . "</strong>";
            $form->valid = false;
        }
    }
    if (isset($field)) {
        $userrow = db_get("SELECT * FROM login_user WHERE upper({$field}) = upper('{$unvalue}')", 'row');
        $passhashvalue = $userrow[0]['PASS'];
        $bcrypt = new Bcrypt(15);
        $isGood = $bcrypt->verify($_REQUEST['password'], $passhashvalue);
        if ($isGood) {
            $form->successMessage = "Successfully logged on! If you are not redirected, please <a href='welcome.php'>click here</a>";
            $user = new LoginUser();
            $user->setFromArray($userrow[0]);
            $user->sessionSet();
            $redirect = "welcome.php";
            if (isset($_SESSION["referring_page"]) && $_SESSION["referring_page"] != $_SERVER['REQUEST_URI']) {
                $redirect = $_SESSION["referring_page"];
            }
            header("Location: {$redirect}");
        } else {
            $form->errors[] = "Wrong password";
            $form->valid = false;
        }
    }
}
?>
<!DOCTYPE html>
<html>