<?php
 include_once 'config.php';
 include_once 'src/Database.php';
 include_once 'src/User.php';
 include_once 'src/Auth.php';
 include_once 'src/Utility.php';
 include_once 'src/Room.php';
 
 // Build the helper objects this page uses. $config is not defined in this
 // file (presumably it comes from config.php — confirm).
 $utils = new Utility();
 $db = new Database($config);
 $auth = new Auth($db);
 $user = new User($db);
 $rooms = new Room($db);
 
 /**
  * Lockout duration quoted to the user in the 403 (locked account) branch
  * below, where it is worded as minutes. In the visible code it only feeds
  * that message; the lockout itself is presumably enforced inside
  * Auth::newLogin() — confirm the two values cannot drift apart.
  */
 
 $lockout_time = 10;
 // Room list, fetched on every request. It is not read again in the visible
 // code (presumably it feeds the login form's room selector — confirm).
 $room = $rooms->getAll();
 
 /**
  * Send visitors whose session is already marked as logged in to the index page.
  *
  * NOTE(review): no session_start() is visible in this file; it presumably
  * runs in config.php or session auto-start is enabled — confirm, otherwise
  * $_SESSION is never populated here.
  * NOTE(review): whether Utility::redirect() stops execution is not visible.
  * If it only sends a Location header, the POST handling below still runs
  * for an already authenticated session.
  */
 
 if (isset($_SESSION['loggedin'])) {
 $utils->redirect("index.php");
 }
 
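 /**
  * Handle a submitted login form.
  *
  * Reads username, password and room from the POST body and asks
  * Auth::newLogin() for a status code. On 200 it rotates the session id,
  * marks the session as logged in, records the room and redirects to the
  * index page. Any other status sets $error for the page to display.
  *
  * NOTE(review): no anti-CSRF token is checked in the visible code; confirm
  * whether the login form is protected elsewhere.
  */
 if ($_SERVER['REQUEST_METHOD'] == "POST") {
     // Missing fields and array-valued fields (e.g. username[]=x) become empty
     // strings, so sanitize() and newLogin() only ever receive strings.
     $rawUsername = $_POST['username'] ?? '';
     $rawPassword = $_POST['password'] ?? '';

     $username = $utils->sanitize(is_string($rawUsername) ? $rawUsername : '');
     // NOTE(review): Utility::sanitize() is not visible here. If it strips or
     // encodes characters, it changes the secret before verification and
     // shrinks the usable password space. Passwords are normally passed to
     // the verifier unmodified — confirm, and keep registration consistent
     // if this is changed.
     $password = $utils->sanitize(is_string($rawPassword) ? $rawPassword : '');

     // Loose comparisons on the status are kept because newLogin()'s return
     // type is not visible in this file.
     $loginstatus = $auth->newLogin($username, $password);

     if ($loginstatus == 200) {
         // Rotate the session id on login and delete the old session data, so
         // an id planted before authentication cannot be reused afterwards.
         session_regenerate_id(true);

         $_SESSION['loggedin'] = true;
         $_SESSION['username'] = $username;

         // "0" maps to room "1" as before; a missing or non-string value now
         // also falls back to "1" instead of being stored as-is.
         $requestedRoom = $_POST['room'] ?? null;
         if (!is_string($requestedRoom) || $requestedRoom == "0") {
             $requestedRoom = "1";
         }
         // NOTE(review): the room id is still client-controlled. Check it
         // against the ids returned by $rooms->getAll() before trusting it.
         $_SESSION['room_id'] = $requestedRoom;

         $user->setOnline($username, $_SESSION['room_id']);

         $utils->redirect("index.php");
     } elseif ($loginstatus == 401) {
         // One message for both a wrong username and a wrong password.
         $error = "Username or Password is incorrect.";
     } elseif ($loginstatus == 403) {
         // NOTE(review): if only existing accounts can reach this state, the
         // message confirms that the username exists — verify in Auth.
         $error = "This account has been locked because of too many failed logins.
 \nIf this is the case, please try again in $lockout_time minutes.";
     } else {
         $error = "Unexpected error occurred !";
     }
 }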
 