Пример #1
0
/**
 * Control the flow of the login process
 *
 * Depending on the state of the widget, this function uses session variables
 * to store values
 */
function control_login()
{
    /*
     * Mixing GET and POST variables feels a little awkward. I'd prefer POST
     * variables only, but you cannot set them via HTML links and a button for
     * the link would look plain ugly, I think :-/
     */
    // set session action to show password retrieval form
    if (!empty($_GET['action'])) {
        if ($_GET['action'] == 'retrieve_code') {
            Session::set_next_widget_task('retrieve_code');
        }
    }
    // Oh, master, what is thy desire?
    if (!empty($_POST['YALW_option'])) {
        switch ($_POST['YALW_option']) {
            case 'YALW_user_login':
                $events = Handlers::handle_login();
                break;
            case 'retrieve_code':
                $events = Handlers::handle_code_retrieval();
                break;
            case 'YALW_enter_code':
                $events = Handlers::handle_reset_code();
                break;
            case 'YALW_reset_password':
                $events = Handlers::handle_reset_password();
                break;
            default:
                $events = null;
                // should not be necessary, but who knows...
        }
    }
    // store any error that may have occured for Display
    if (!empty($events)) {
        Session::set_events($events);
        /*
         * TODO: Implement an option that will allow admins to receive
         * a notification if an exception occured such as an unexpected
         * internal error, problems with the database or a likely attack
         */
    }
}