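/**
 * Handles a login form submission and returns the markup to display.
 *
 * When no username was posted the blank login form is returned. Otherwise the
 * submission passes, in order, through: completeness checks, format
 * validation, account lookup, cooldown and frequency throttling, and the
 * password check. Each failure returns the login form with the matching
 * configured error; success starts a session, clears the failure counters and
 * returns the configured success template.
 *
 * NOTE(review): "login_no_such_username_error" and
 * "login_incorrect_password_error" are separate config entries. Unless both
 * are configured with the same text, the response reveals whether an account
 * exists; a single generic "invalid credentials" message avoids that.
 *
 * NOTE(review): the failure counter is only touched for existing accounts
 * (loginFailure() on a wrong password). No throttling of attempts against
 * unknown usernames is visible in this method; confirm it is handled
 * elsewhere (e.g. per client address).
 *
 * @return mixed Result of User::processLoginForm() on failure or when nothing
 *               was submitted; on success, the "login_success_template" value
 *               with "[username]" replaced by the account's username.
 */
public static function login()
{
    // Nothing submitted yet: show the blank form.
    if (!isset($_POST['username'])) {
        return User::processLoginForm();
    }

    // A request can omit the password field or send arrays (username[]=x).
    // Anything that is not a string is treated as empty, so it is rejected by
    // the completeness checks instead of raising an undefined-index notice or
    // reaching the validators with an unexpected type.
    $username = is_string($_POST['username']) ? $_POST['username'] : '';
    $password = (isset($_POST['password']) && is_string($_POST['password']))
        ? $_POST['password']
        : '';

    // Check if the form was filled out completely.
    if ($username === '' && $password === '') {
        return User::processLoginForm(User::config('login_no_input_error'));
    }
    if ($username === '') {
        return User::processLoginForm(User::config('login_no_username_error'));
    }
    if ($password === '') {
        // The second argument hands the submitted username back to the form;
        // presumably for re-display, so processLoginForm() must escape it.
        return User::processLoginForm(User::config('login_no_password_error'), $username);
    }

    // Check if the entered details are well-formed.
    if (!User::validateUsername($username)) {
        return User::processLoginForm(User::config('login_invalid_username_error'));
    }
    if (!User::validatePassword($password)) {
        return User::processLoginForm(User::config('login_invalid_password_error'), $username);
    }

    // Look the account up by username.
    try {
        $user = new User($username, User::GET_BY_USERNAME);
    } catch (UserNoSuchUserException $e) {
        return User::processLoginForm(User::config('login_no_such_username_error'));
    }

    // Throttling runs before the password is checked, so a locked-out account
    // never gets a password comparison.
    if ($user->loginLimitExceeded()) {
        return User::processLoginForm(User::config('login_cooldown_error'), $username);
    }

    // Check for unnaturally frequent login attempts.
    if (!$user->checkLoginFrequency()) {
        return User::processLoginForm(User::config('login_frequency_error'), $username);
    }

    // Check the password; a mismatch is recorded against the account.
    if (!$user->checkPassword($password)) {
        $user->loginFailure();
        return User::processLoginForm(User::config('login_incorrect_password_error'), $username);
    }

    // Success: start the session, with a client-requested lifetime if one was
    // supplied as a digit string, else the configured default.
    // NOTE(review): the client-supplied duration is only checked for being
    // all digits, not for size. Consider clamping it to a server-side
    // maximum, and confirm startSession() issues a fresh session identifier.
    $duration = isset($_POST['cookie_duration']) ? $_POST['cookie_duration'] : null;
    if (is_string($duration) && ctype_digit($duration)) {
        $user->startSession($duration);
    } else {
        $user->startSession(User::config('cookie_session_length'));
    }

    // A successful login clears the lockout state.
    $user->setFailureCount(0);
    $user->setFailureTime(0);

    // NOTE(review): the username is substituted into the template without
    // escaping here; this is only safe if validateUsername() rejects HTML
    // metacharacters or the template is escaped downstream. Confirm.
    return str_replace('[username]', $user->getUsername(), User::config('login_success_template'));
}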