<?php require_once './includes/configuration.php'; require_once './student/student_controller.php'; $display_message = FALSE; $sc = new Student_controller(); if (isset($_POST['login'])) { $user = sanitize_text($_POST['user']); $pass = sanitize_text($_POST['pass']); $error_msg; if ($sc->validate_username($user) !== 1 || $sc->validate_password($pass) === FALSE) { $error_msg = "Invalid username or password"; $display_message; } else { $answer = $sc->log_member_in($user, $pass); if ($answer !== FALSE && $answer !== TRUE) { $display_message = TRUE; } elseif ($answer === FALSE) { $display_message = TRUE; } } if (isset($_SESSION['logged_in'])) { if (!empty($_SESSION['tried_url'])) { $tried_url = $_SESSION['tried_url']; $_SESSION['tried_url'] = null; ?> <script>window.location = "<?php echo $tried_url; ?> ";</script> <?php
//First, let's check if token is correct! $form_token = $_POST['token']; $sess_token = retrieve_session_token(); if ($form_token === $sess_token) { $pass1 = sanitize_text($_POST['password1']); $pass2 = sanitize_text($_POST['password2']); $answer = $sc->create_student($username, $firstname, $lastname, $email, $pass1, $pass2); if ($answer !== TRUE) { ?> <script> window.location = "#sign-up"; </script> <?php $error_message = "You have not filled out the form according to the requirements"; } else { $sc->log_member_in($username, $pass1); ?> <script> alert('Welcome! :)'); window.location = "<?php echo W1BASE; ?> member_area.php"; </script> <?php } } else { $error_message = "It seems as if the form has expired"; } } ?>