<?php if ($_SERVER["REQUEST_METHOD"] == "GET") { exit(file_get_contents("templates/login.html")); } // The request isn't GET, so it's probably POST. utils::require_params($_POST, ["username", "password"], "POST"); if (usertils::check_credentials($_POST["username"], $_POST["password"])) { env::$username = $_POST["username"]; env::$role = usertils::get_user($_POST["username"])["roles"]; http_response_code(302); // temporary redirect header("location: index.php?action=list&login=success"); // todo set an *appropriate* cookie here // todo output a nice login success page here? exit; } // The login failed! http_response_code(401); // todo output a nice login failed page here. header("content-type: text/plain"); exit("Login failed.");