36782-vm/login.php

<?php
if (session_status() === PHP_SESSION_NONE) {
    session_start();
}

require_once __DIR__ . '/includes/i18n.php';
require_once __DIR__ . '/includes/auth.php';
require_once __DIR__ . '/includes/helpers.php';

$error = null;
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $email = $_POST['email'] ?? '';
    $password = $_POST['password'] ?? '';
    $role = login($email, $password);

    if ($role) {
        switch ($role) {
            case 'admin':
            case 'finance':
            case 'support':
                header('Location: /admin/products.php');
                break;
            case 'client':
                header('Location: /index.php');
                break;
            case 'supplier':
                // Redirect to a future supplier panel
                header('Location: /index.php'); // Placeholder
                break;
            default:
                header('Location: /index.php');
                break;
        }
        exit();
    } else {
        $error = t('login_error');
    }
}

// If user is already logged in, redirect them
if (is_logged_in()) {
    $role = get_user_role();
     switch ($role) {
        case 'admin':
        case 'finance':
        case 'support':
            header('Location: /admin/products.php');
            break;
        default:
            header('Location: /index.php');
            break;
    }
    exit();
}

$page_title = t('login_header');
?>
<!DOCTYPE html>
<html lang="<?= get_lang() ?>">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title><?php echo htmlspecialchars($page_title); ?> - B2B Commerce</title>
    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css" rel="stylesheet">
    <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap-icons@1.11.3/font/bootstrap-icons.min.css">
    <link rel="stylesheet" href="assets/css/custom.css?v=<?php echo time(); ?>">
</head>
<body>
    <main class="container my-5">
        <div class="row justify-content-center">
            <div class="col-md-6 col-lg-4">
                <div class="card mt-5">
                    <div class="card-body">
                        <div class="text-center mb-4">
                            <img src="/assets/pasted-20251209-065617-6bf1b4e6.png" alt="Logo" style="width: 150px;">
                        </div>
                        <h1 class="card-title text-center mb-4"><?php echo $page_title; ?></h1>
                        <?php if ($error): ?>
                            <div class="alert alert-danger"><?php echo htmlspecialchars($error); ?></div>
                        <?php endif; ?>
                        <form method="POST">
                            <div class="mb-3">
                                <label for="email" class="form-label"><?= t('login_email') ?></label>
                                <input type="email" class="form-control" id="email" name="email" required>
                            </div>
                            <div class="mb-3">
                                <label for="password" class="form-label"><?= t('login_password') ?></label>
                                <input type="password" class="form-control" id="password" name="password" required>
                            </div>
                            <button type="submit" class="btn btn-primary w-100"><?= t('login_button') ?></button>
                        </form>
                    </div>
                </div>
            </div>
        </div>
    </main>
</body>
</html>