private function handleLogin() { global $gLogger; $gLogger->log("Handling login"); // variable to set the status of the login // defaults to false. $success = false; $error = ""; $username = WebRequest::post("lgUsername"); $password = WebRequest::post("lgPassword"); $userAccount = InternalUser::getByName($username); if ($userAccount) { if ($userAccount->authenticate($password)) { // log in $gLogger->log("Login: OK"); $success = true; Session::setLoggedInUser($userAccount->getId()); } else { $error = "bad-password"; $gLogger->log("Login:Bad password"); } } else { $error = "bad-username"; $gLogger->log("Login:Bad username"); } if ($success) { global $cWebPath; $this->mHeaders[] = "HTTP/1.1 303 See Other"; $this->mHeaders[] = "Location: " . $cWebPath . "/management.php"; } else { $this->error($error); $this->showLoginForm(); } }