ob_end_flush();
    $login_output .= "<h1>Logging out ...</h1>" . $deferredScriptBlock;
}
try {
    $logged_in = $user->validateUser($_COOKIE[$cookielink]);
    if (!$user->has2FA() && $require_two_factor === true && !isset($_REQUEST['2fa']) && $logged_in && $_REQUEST['q'] != 'logout') {
        # If require two factor is on, always force it post login
        header("Refresh: 0; url=" . $self_url . "?2fa=t");
        $deferredJS .= "\nwindow.location.href=\"" . $self_url . "?2fa=t\";";
        ob_end_flush();
    }
    # This should only show when there isn't two factor enabled ...
    $twofactor = $user->has2FA() ? "Remove two-factor authentication" : "Add two-factor authentication";
    $phone_verify_template = "<form id='verify_phone' onsubmit='event.preventDefault();'>\n  <input type='tel' id='phone' name='phone' value='" . $user->getPhone() . "' readonly='readonly'/>\n  <input type='hidden' id='username' name='username' value='" . $user->getUsername() . "'/>\n  <button id='verify_phone_button' class='btn btn-primary'>Verify Phone Now</button>\n  <p>\n    <small>\n      <a href='#' id='verify_later'>\n        Verify Later\n      </a>\n    </small>\n  </p>\n</form>";
    try {
        $needPhone = !$user->canSMS();
        $deferredJS .= "console.log('Needs phone? '," . strbool($needPhone) . "," . DBHelper::staticSanitize($user->getPhone()) . ");\n";
        $altPhone = "<p>Congratulations! Your phone number is verified.</p>";
    } catch (Exception $e) {
        $needPhone = false;
        $deferredJS .= "console.warn('An exception was thrown checking for SMS-ability:','" . $e->getMessage() . "');\n";
        $altPhone = "<p>You don't have a phone number registered with us. Please go to account settings and add a phone number.</p>";
    }
    $verifyphone_link = $needPhone ? "<li><a href='?q=verify'>Verify Phone</a></li>" : null;
    $phone_verify_form = $needPhone ? $phone_verify_template : $altPhone;
} catch (Exception $e) {
    # There have been no cookies set.
    $logged_in = false;
    $twofactor = "Please log in.";
}
$login_output = "";
function sendTOTPText($get)
{
    $user = $get['user'];
    # We don't need to verify the user here
    $u = new UserFunctions($user);
    # Ensure the user has SMS-ability and 2FA
    try {
        # Return status
        if (!$u->has2FA()) {
            return array('status' => false, 'human_error' => 'Two-Factor authentication is not enabled for this account', 'error' => 'Two-Factor authentication is not enabled for this account', 'username' => $user);
        }
        if (!$u->canSMS()) {
            return array('status' => false, 'human_error' => "Your phone setup isn't complete", 'error' => 'User failed SMS check', 'username' => $user);
        }
        $result = $u->sendTOTPText();
        return array('status' => $result, 'message' => 'Message sent');
    } catch (Exception $e) {
        return array('status' => false, 'human_error' => 'There was a problem sending your text.', 'error' => $e->getMessage());
    }
}