.
*/
require_once(__DIR__ . '/conf.php');
if (isset($_GET['logout'])) {
$_SESSION['login'] = false;
header('Location: ' . Constants::url_external);
die();
}
if (!isset($_SESSION['login']) || $_SESSION['login'] === false) {
if (isset($_POST['username'])) {
$users = User::search($_pdo, ['`username`=?'], [$_POST['username']]);
if (count($users) == 0) {
$_msg = "No user {$_POST['username']} found.
";
} else {
$user = array_pop($users);
if ($user->verifyPassword($_POST['password'])) {
$_SESSION['login'] = $user->id;
$_user = $user;
return;
} else {
$_msg = "Password incorrect.
";
}
}
}
include('./header.php');
?>
isAdmin()) {
include('./header.php');
include('./nav.php');
?>
Access denied
You need to be an administrator to access this page.