Merge pull request #2 from UMaine-ASAP/Login-Controller

Login controller seems good. Like the pull request description said, we may have to change how navigating to urls work.

controller/login.php

@@ -0,0 +1,31 @@
+<?php
+	//begin session
+	session_start();
+
+	//get user file
+	require_once dirname(__FILE__) . "/../models/user.php";
+
+	//get the html page ready to be displayed
+	$page = file_get_contents(dirname(__FILE__) . '/../views/login.html');
+	echo $page;
+	if(isset($_POST['submitLogin'])){	//change submitLogin to the equivalent login.html file
+
+		$user = new User(-1); //User with no user id to give
+		$user->User_Login($_POST['postName'], $_POST['postPassword']); //check for right credentials
+
+		//if correct credentials, set SESSION variables and go to correct home page
+		if($user->userID != -1){
+			$_SESSION['user'] = $user;
+			$_SESSION['sessionCheck'] = 'true';
+			if ($_SESSION['user']->userType == 'Student'){
+				header("location:student_home.php");
+			}
+			else{
+				header("location:instructor_home.php");	
+			}
+		}
+		else {
+			echo "Wrong Username/Password</br>Please try again.</br>";
+		}
+	}
+?>

models/user.php

@@ -13,6 +13,11 @@ class User {
 	public $password;
 
 	public function User($user_id){
+		//check to see if valid user_id
+		if($user_id <= -1){
+			return;
+		}
+
 		$this->userID = $user_id;
 
 		$db = GetDB();
@@ -49,6 +54,27 @@ public function User($user_id){
 		}
 	}
 
+	public function User_Login($email, $password){
+		$db = GetDB();
+
+		//query for the user in the database using credentials
+		$query = "SELECT * FROM `user` WHERE `email` = '" .  $email . "' AND `password` = '" .  $password . "';";
+		$result = $db->query($query);
+
+		//if the result isn't empty
+		if($result->num_rows != 0){
+			$user = $result->fetch_array(MYSQLI_BOTH);
+
+			$this->userID = $user['userID'];
+			$this->firstName = $user['firstName'];
+			$this->lastName = $user['lastName'];
+			$this->middleInitial = $user['middleInitial'];
+			$this->userType = $user['userType'];
+			$this->email = $user['email'];
+			$this->password = $user['password'];
+		}
+	}
+
 	public function Save(){
 		if($this->userID != -1){
 			$query = "UPDATE `user` SET ";

views/login.html

@@ -0,0 +1,37 @@
+<!DOCTYPE html>
+<html>
+<head>
+	<title>Haggis - Sign In</title>
+	<link rel="stylesheet" type="text/css" href="stylesheet.css"/>
+</head>
+<body>
+	<div id="container">
+		<div id="headder">
+			<button type="button">Register</button>
+		</div><!-- end of headder -->
+
+		<div id="login">
+				<h2>Login</h2>
+				<form method='POST' name='login form'>
+					<input type="text" name='postName' placeholder="Username"/>
+					<p><input type="password" name='postPassword' placeholder="Password"/></p>
+					<input type="submit" name='submitLogin' value="Login"></input>
+				</form>
+				<p><a href="passwordreset.php">forgot your password?</a></p>
+		</div> <!-- end of form div-->
+
+		<div id="footer">
+
+
+		</div><!-- end of footer -->
+	</div><!-- end of container div --> 
+
+
+</body>
+
+
+
+
+
+
+</html>

views/passwordreset.php

@@ -0,0 +1,3 @@
+#login{
+	background:red;
+}

views/stylesheet.css

@@ -0,0 +1,10 @@
+/*haggis stylesheet*/
+body{
+	border-style:solid;
+	border-width:1px;
+	border-color:black;
+}
+
+#login{
+	align:center;
+}