session_start();
if (isset($_SESSION['websiteUser'])) {
if ($_SESSION['websiteUser']->isAuthenticated()) {
session_write_close();
header('Location:restricted.php');
}
}
$missingFields = false;
if (isset($_POST['submit'])) {
if (isset($_POST['username']) && isset($_POST['password'])) {
if ($_POST['username'] == "" || $_POST['password'] == "") {
$missingFields = true;
} else {
//All fields set, fields have a value
$websiteUser = new WebsiteUser();
if (!$websiteUser->hasDbError()) {
$username = $_POST['username'];
$password = $_POST['password'];
$websiteUser->authenticate($username, $password);
if ($websiteUser->isAuthenticated()) {
$_SESSION['websiteUser'] = $websiteUser;
header('Location:restricted.php');
}
}
}
}
}
?>
<!DOCTYPE html>
<html>
