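/**
 * Handles the login page: redirects visitors who already have a valid
 * session, processes a posted username/password pair, then renders the form.
 *
 * Within this constructor, authenticationStatus is set to 0 when the posted
 * credentials are rejected and to 2 when they are accepted but neither the
 * privilege check nor the time check admits the user. Any other value is
 * whatever the property held before; its declaration is outside this block.
 */
public function __construct() {
    // A visitor whose session already authenticates never sees the form.
    $SessAuthWorker = new SessionAuthenticate();
    if ($SessAuthWorker->authenticate()) {
        header("Location: " . GenerateRootPath::getRoot(1) . "/dashboard/");
        exit;
    }

    // Form fields arrive as arrays when the client sends "username[]=...".
    // Only a string is ever echoed back or handed to the authenticators.
    $postedUsername = (isset($_POST["username"]) && is_string($_POST["username"]))
        ? $_POST["username"]
        : "";

    if (isset($_POST["username"]) && isset($_POST["password"])) {
        $PassAuthWorker = new PasswordAuthenticate();
        $credentialsAreStrings = is_string($_POST["username"]) && is_string($_POST["password"]);

        // Non-string fields are treated like any other rejected login.
        if ($credentialsAreStrings && $PassAuthWorker->authenticate($postedUsername, $_POST["password"])) {
            $TimeAuthWorker = new TimeAuthenticate();
            $PrivAuthWorker = new PrivilegeAuthenticate();

            if (session_status() === PHP_SESSION_NONE) {
                session_start();
            }

            $db = UniversalConnect::doConnect();

            // NOTE(review): the value is escaped, but real_escape_string() is only
            // reliable when the connection character set is configured on $db, and
            // the double-quoted literal relies on the server not running with
            // ANSI_QUOTES. A prepared statement with a bound parameter removes both
            // dependencies; not changed here because UniversalConnect is defined
            // elsewhere and the type it returns is not visible.
            // NOTE(review): the lookup trims the username while the password check
            // above receives it untrimmed - confirm PasswordAuthenticate trims too.
            $query = "SELECT userkey, usertype FROM users WHERE userid=\""
                . $db->real_escape_string(trim($postedUsername))
                . "\" LIMIT 1";
            $result = $db->query($query);

            // A failed query yields false rather than a result object; treat it
            // the same as "no matching row" instead of dereferencing it.
            if ($result === false || $result->num_rows < 1) {
                die("An unexpected error has occurred. The problem should go away by itself after some time.");
            }
            $row = $result->fetch_assoc();

            // Issue a fresh session id now that the credentials were accepted, so
            // an id that existed before login is not carried into the authenticated
            // session (session fixation).
            if (session_status() === PHP_SESSION_ACTIVE) {
                session_regenerate_id(true);
            }

            $_SESSION["userkey"] = $row["userkey"];
            $_SESSION["usertype"] = $row["usertype"];

            // NOTE(review): the session already carries userkey/usertype when the
            // status-2 branch is taken. Confirm that SessionAuthenticate re-checks
            // the time window, otherwise a later request could pass the check at
            // the top of this constructor before the game has started.
            if (!$PrivAuthWorker->authenticate($_SESSION["usertype"]) && !$TimeAuthWorker->authenticate()) {
                $this->authenticationStatus = 2;
            } else {
                header("Location: " . GenerateRootPath::getRoot(1) . "/dashboard/");
                exit;
            }
        } else {
            $this->authenticationStatus = 0;
        }
    }

    // Generates the header from <!DOCTYPE html> all the way to </head>.
    // The page title is set in the constructor, i.e. new HeaderProduct("Title of page here");
    $headerFactory = new HeaderFactory();
    echo $headerFactory->startFactory(new HeaderProduct("Login - Forex Trading Simulator ", 1));

    // The class attribute is left open so " failed" can be appended to it.
    echo <<<HTML
<body class="blue lighten-5">
    <div class="container">
        <div id="login-card" class="pageCenter card
HTML;
    if ($this->authenticationStatus === 0) {
        echo " failed";
    }
    echo <<<HTML
">
            <div class="center">
                <h3 class="title">Forex Trading Simulator</h3>
                <h5 class="title top-margin">Exchange rates, made easier</h5>
            </div>
            <form id="loginform" name="loginform" method="post">
                <div class="row">
                    <div class="input-field col s12 m10 l10 push-m1 push-l1">
                        <i class="material-icons prefix">account_circle</i>
HTML;

    // Re-populate the username after a rejected or not-yet-admitted login.
    // The value is attacker-controlled, so it is entity-encoded for the
    // quoted attribute context it lands in.
    echo "<input type=\"text\" required=\"\" name=\"username\" id=\"username\"";
    if ($this->authenticationStatus === 2 || $this->authenticationStatus === 0) {
        echo " value=\"" . htmlentities($postedUsername, ENT_QUOTES, "UTF-8") . "\"";
    }
    echo "/>";

    echo <<<HTML
                        <label for="username">Username</label>
                    </div>
                </div>
                <div class="row">
                    <div class="input-field col s12 m10 l10 push-m1 push-l1">
                        <i class="material-icons prefix">vpn_key</i>
                        <input type="password" name="password" id="password" />
                        <label for="password">Password</label>
                    </div>
                </div>
                <div class="row input-field center" id="Submit">
                    <button class="btn waves-effect waves-light blue accent-4" type="submit" name="action">Login </button>
                </div>
            </form>
HTML;

    if ($this->authenticationStatus === 2) {
        // NOTE(review): this instantiates UniversalConnect directly while the
        // login branch uses UniversalConnect::doConnect() - confirm both are valid.
        $db = new UniversalConnect();
        $result = $db->query("SELECT starttime FROM startendtime LIMIT 1");

        // Tolerate a failed query or an empty table instead of dereferencing false/null.
        $row = ($result !== false) ? $result->fetch_assoc() : null;
        $startTime = isset($row["starttime"]) ? $row["starttime"] : null;

        // NOTE(review): the formatted time is written into a single-quoted
        // JavaScript string without encoding. It comes from the database rather
        // than the request, but if FormatTimePassed::format() can ever return a
        // quote or "</script>", encode it for the script context first.
        echo "<script>alert('The game has not started yet. It starts in " . FormatTimePassed::format($startTime) . ".');window.onload = function(){document.getElementById(\"password\").focus();};</script>";
        $db->close();
    }

    echo <<<HTML
        </div>
    </div>
</body>
</html>
HTML;
}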