if (!isset($session->user)) { // display Login form $userView->loginForm('login'); } else { header('Location: ' . $registry->configuration->website->params->url . '/user/account'); exit; } break; case 'authorize': // authorize user login if (array_key_exists('username', $_POST) && array_key_exists('password', $_POST)) { // validate the authorization request parameters $values = array('username' => array('username' => $_POST['username']), 'password' => array('password' => $_POST['password'])); $dotValidateUser = new Dot_Validate_User(array('who' => 'user', 'action' => 'login', 'values' => $values)); if ($dotValidateUser->isValid()) { $userModel->authorizeLogin($dotValidateUser->getData()); } else { $error = $dotValidateUser->getError(); // login info are NOT VALID $txt = array(); $field = array('username', 'password'); foreach ($field as $v) { if (array_key_exists($v, $error)) { $txt[] = $error[$v]; } } $session->validData = $dotValidateUser->getData(); $session->message['txt'] = $txt; $session->message['type'] = 'error'; } } else {