function authUser($user, $pass)
{
$db = getDB();
$query = 'SELECT username, hash, groups FROM gpadb.users WHERE username LIKE :user';
$stmt = $db->prepare($query);
$stmt->bindParam(':user', $user);
$stmt->execute();
$rows = $stmt->fetch(PDO::FETCH_ASSOC);
$group = $rows['groups'];
$hash = $rows['hash'];
$_SESSION['user'] = $user;
if (password_verify($pass, $hash)) {
$_SESSION['password'] = $hash;
header('Location: ../main');
} else {
$_SESSION['loginError'] = true;
array_push($_SESSION['error'], 'That did not work; please try again');
destroySessionsButKeepErrors();
header('Location: ../');
}
}
function logout()
{
destroySessionsButKeepErrors();
// session_destroy();
// session_write_close();
header('Location: ../index.php');
}
</head>
<body>
<h1>GPA 4 Me</h1>
<div class='logonForm'>
<form action='login/' name='login' class='logon' method='POST'>
<input type='text' name='user' id='user' placeholder='Login' /> <br>
<input type='password' name='password' id='password' placeholder='Password' /> <br>
<div class='btnHeader'>
<input type='submit' class='btn' name='login' value='Login' />
<input type='submit' class='btn' name='register' value='Register' />
</div>
</form>
<?php
if (isset($_SESSION['loginError'])) {
unset($_SESSION['loginError']);
array_push($_SESSION['error'], 'That did not work; please try again');
printErrors();
// Get the username attempted to login as; set this as the text field value for the username when page redirects
if (isset($_SESSION['user'])) {
$user = $_SESSION['user'];
echo "<script>\$('#user').val('" . $user . "')</script>";
$user = null;
destroySessionsButKeepErrors();
}
}
?>
</div>
</body>
</html>