/** * Control the flow of the login process * * Depending on the state of the widget, this function uses session variables * to store values */ function control_login() { /* * Mixing GET and POST variables feels a little awkward. I'd prefer POST * variables only, but you cannot set them via HTML links and a button for * the link would look plain ugly, I think :-/ */ // set session action to show password retrieval form if (!empty($_GET['action'])) { if ($_GET['action'] == 'retrieve_code') { Session::set_next_widget_task('retrieve_code'); } } // Oh, master, what is thy desire? if (!empty($_POST['YALW_option'])) { switch ($_POST['YALW_option']) { case 'YALW_user_login': $events = Handlers::handle_login(); break; case 'retrieve_code': $events = Handlers::handle_code_retrieval(); break; case 'YALW_enter_code': $events = Handlers::handle_reset_code(); break; case 'YALW_reset_password': $events = Handlers::handle_reset_password(); break; default: $events = null; // should not be necessary, but who knows... } } // store any error that may have occured for Display if (!empty($events)) { Session::set_events($events); /* * TODO: Implement an option that will allow admins to receive * a notification if an exception occured such as an unexpected * internal error, problems with the database or a likely attack */ } }