function submitLogin()
{
try {
if (empty($_POST['username']) || empty($_POST['password'])) {
throw new Exception("Username or password missing");
}
$user = new UserToken();
if (!$user->verifyLogin($_POST['username'], $_POST['password'])) {
throw new Exception("Username or password incorrect");
}
$_SESSION['user'] = serialize($user);
if ($user->isFlaggedForPwReset) {
header("Location: admin?action=firstTimeReset");
} else {
if (!empty($user->availiblePeriod)) {
if (!empty($user->appraisee) || !empty($user->appraisee)) {
header('Location: survey');
} else {
header('Location: survey?action=renderForm&r=self&uid=' . $user->availiblePeriod['uid'] . '&u=' . $user->username);
}
} else {
if ($user->isAdmin) {
header('Location: report');
} else {
throw new Exception('All surveys are closed at the moment. Please try again later.');
}
}
}
} catch (Exception $ex) {
header('HTTP/1.0 403 Forbidden', TRUE, 403);
$this->requestLogin($ex);
}
}
