<?php session_start(); session_regenerate_id(TRUE); require_once '../Model/Account.php'; require_once '../Model/PWDSecHandler.php'; if (isset($_POST['email']) && isset($_POST['password'])) { $email = htmlentities(strip_tags($_POST['email'])); $password = htmlentities(strip_tags($_POST['password'])); $isLocked = PWDSecHandler::isLocked($email); if ($isLocked === NULL) { echo 'Invalid E-Mail Address or Password.'; echo "<a href='../View/index.php'>Click here to go back to the HomePage</a>"; } else { if (is_string($isLocked)) { //if the user has been locked and the locked_until is returned. echo 'You have been locked until ' . $isLocked . '!<br>'; echo "<a href='../View/index.php'>Click here to go back to the HomePage</a>"; } else { $user = Account::login($email, $password); if (is_string($user)) { echo 'Invalid E-Mail Address or Password.'; echo "<a href='../View/index.php'>Click here to go back to the HomePage</a>"; PWDSecHandler::incFailedAtmp($email); } else { PWDSecHandler::clearLock($email); $_SESSION['email'] = $user->email; $_SESSION['firstname'] = $user->firstName; $_SESSION['lastname'] = $user->lastName; if ($user instanceof Customer) { $_SESSION['isEmployee'] = false;