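<?php

declare(strict_types=1);

require_once __DIR__ . '/includes/layout.php';

ensure_schema();

/*
 * Login / password-reset page.
 *
 * Handles two POST actions submitted by the forms rendered further down:
 *   - 'login'          : verifies email + password, checks the account status
 *                        and redirects to the dashboard for the user's role;
 *   - 'reset_password' : validates the address and shows a simulated
 *                        "link sent" message (this demo sends no mail).
 *
 * db(), url_with_lang(), render_header() and the session setup are provided by
 * includes/layout.php and are not visible in this file.
 *
 * NOTE(review): neither form carries a CSRF token (each posts only its fields
 * plus a hidden `action`), and this file applies no attempt throttling; if
 * either is required it has to come from includes/layout.php or the web
 * server — confirm.
 */

$errors = [];
$successMessage = '';

// Already authenticated: nothing to do on this page.
if (isset($_SESSION['user_id'])) {
    header('Location: index.php');
    exit;
}

// Returns a POST field as a string, or '' when it is absent or not a string.
// Under strict_types, trim() and password_verify() throw a TypeError when a
// field arrives as an array (e.g. `email[]=x`), so non-strings are dropped
// here instead of reaching those calls.
$postString = static function (string $key): string {
    $value = $_POST[$key] ?? '';

    return is_string($value) ? $value : '';
};

// Dashboard each role is sent to after login; any other role falls back to
// the truck-owner dashboard.
$dashboardByRole = [
    'admin'   => 'admin_dashboard.php',
    'shipper' => 'shipper_dashboard.php',
];

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $action = $postString('action');

    if ($action === 'login') {
        $email = trim($postString('email'));
        // Deliberately not trimmed: whitespace may be part of the password.
        $password = $postString('password');

        if ($email === '' || $password === '') {
            $errors[] = 'Please enter both email and password.';
        } else {
            $stmt = db()->prepare('SELECT id, password, role, status FROM users WHERE email = ? LIMIT 1');
            $stmt->execute([$email]);
            $user = $stmt->fetch();

            // Unknown address and wrong password share one message so the
            // response does not reveal which emails are registered.
            if ($user && password_verify($password, (string) $user['password'])) {
                $statusError = match ($user['status']) {
                    'pending'   => 'Your account is pending approval.',
                    'rejected'  => 'Your account has been rejected.',
                    'suspended' => 'Your account has been suspended.',
                    default     => null,
                };

                if ($statusError !== null) {
                    $errors[] = $statusError;
                } else {
                    // Login successful. Rotate the session id first so an id
                    // handed out before authentication cannot be reused
                    // (session fixation); guarded in case no session is active.
                    if (session_status() === PHP_SESSION_ACTIVE) {
                        session_regenerate_id(true);
                    }
                    $_SESSION['user_id'] = $user['id'];
                    $_SESSION['user_role'] = $user['role'];

                    // Redirect based on role.
                    $target = $dashboardByRole[$user['role']] ?? 'truck_owner_dashboard.php';
                    header('Location: ' . url_with_lang($target));
                    exit;
                }
            } else {
                $errors[] = 'Invalid email or password.';
            }
        }
    } elseif ($action === 'reset_password') {
        $email = trim($postString('reset_email'));

        if ($email === '') {
            $errors[] = 'Please enter your email to reset password.';
        } elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
            $errors[] = 'Please enter a valid email address.';
        } else {
            $stmt = db()->prepare('SELECT id FROM users WHERE email = ? LIMIT 1');
            $stmt->execute([$email]);

            if ($stmt->fetch() !== false) {
                // A real implementation would create a single-use, expiring
                // reset token here and email it; this demo sends nothing.
            }

            // Shown whether or not the address is registered, so the response
            // does not reveal which emails exist (enumeration).
            $successMessage = 'A password reset link has been sent to your email address (simulated).';
        }
    }
}

render_header('Login / Reset Password', 'login', false, false);
?>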
<div class="row justify-content-center align-items-center" style="min-height: 75vh;">
    <div class="col-md-6 col-lg-5">

        <!-- Brand header: logo from settings, icon fallback when none is set -->
        <div class="text-center mb-5">
            <?php
            // Branding comes from settings; the translated app name is the fallback.
            $appName = get_setting('company_name', t('app_name'));
            $logoPath = get_setting('logo_path');
            ?>
            <?php if ($logoPath): ?>
                <img src="<?= e($logoPath) ?>" alt="<?= e($appName) ?> Logo" class="img-fluid mb-3" style="max-height: 80px;">
            <?php else: ?>
                <div class="d-inline-flex align-items-center justify-content-center bg-primary text-white rounded-circle shadow-lg mb-3" style="width: 80px; height: 80px;">
                    <i class="bi bi-truck fs-1"></i>
                </div>
            <?php endif; ?>
            <h1 class="fw-bold text-dark display-6"><?= e($appName) ?></h1>
            <p class="text-muted lead">Your logistics partner</p>
        </div>

        <!-- Messages produced by the POST handling above -->
        <?php if ($errors): ?>
            <div class="alert alert-danger shadow-sm rounded-4 border-0 mb-4">
                <ul class="mb-0">
                    <?php foreach ($errors as $e): ?>
                        <li><?= e($e) ?></li>
                    <?php endforeach; ?>
                </ul>
            </div>
        <?php endif; ?>

        <?php if ($successMessage): ?>
            <div class="alert alert-success shadow-sm rounded-4 border-0 mb-4">
                <?= e($successMessage) ?>
            </div>
        <?php endif; ?>

        <!-- Login card (shown by default); the "forgot password" link swaps it with the reset card client-side -->
        <div class="card shadow-sm border-0 rounded-4 mb-4" id="loginFormCard">
            <div class="card-body p-4 p-md-5">
                <div class="text-center mb-4">
                    <h2 class="fw-bold text-dark"><?= e(t('login_title')) ?></h2>
                    <p class="text-muted"><?= e(t('login_subtitle')) ?></p>
                </div>

                <form method="post" action="">
                    <input type="hidden" name="action" value="login">

                    <div class="mb-3">
                        <label for="email" class="form-label fw-bold"><?= e(t('email_address')) ?></label>
                        <input type="email" class="form-control form-control-lg bg-light border-0 rounded-3" id="email" name="email" required autofocus placeholder="<?= e(t('email_placeholder')) ?>">
                    </div>

                    <div class="mb-4">
                        <div class="d-flex justify-content-between align-items-center mb-1">
                            <label for="password" class="form-label fw-bold mb-0"><?= e(t('password')) ?></label>
                            <a href="#" class="small text-decoration-none text-primary" onclick="document.getElementById('loginFormCard').classList.add('d-none'); document.getElementById('resetFormCard').classList.remove('d-none'); return false;"><?= e(t('forgot_password')) ?></a>
                        </div>
                        <input type="password" class="form-control form-control-lg bg-light border-0 rounded-3" id="password" name="password" required placeholder="<?= e(t('password_placeholder')) ?>">
                    </div>

                    <button type="submit" class="btn btn-primary btn-lg w-100 rounded-pill fw-bold shadow-sm"><?= e(t('sign_in')) ?></button>

                    <div class="text-center mt-4">
                        <p class="text-muted small mb-0"><?= e(t('dont_have_account')) ?> <a href="<?= e(url_with_lang('register.php')) ?>" class="text-decoration-none text-primary fw-bold"><?= e(t('register_now')) ?></a></p>
                    </div>
                </form>
            </div>
        </div>

        <!-- Reset card (hidden until requested); posts action=reset_password -->
        <div class="card shadow-sm border-0 rounded-4 mb-4 d-none" id="resetFormCard">
            <div class="card-body p-4 p-md-5">
                <div class="text-center mb-4">
                    <h2 class="fw-bold text-dark"><?= e(t('reset_password_title')) ?></h2>
                    <p class="text-muted"><?= e(t('reset_password_subtitle')) ?></p>
                </div>

                <form method="post" action="">
                    <input type="hidden" name="action" value="reset_password">

                    <div class="mb-4">
                        <label for="reset_email" class="form-label fw-bold"><?= e(t('email_address')) ?></label>
                        <input type="email" class="form-control form-control-lg bg-light border-0 rounded-3" id="reset_email" name="reset_email" required placeholder="<?= e(t('email_placeholder')) ?>">
                    </div>

                    <button type="submit" class="btn btn-primary btn-lg w-100 rounded-pill fw-bold shadow-sm mb-3"><?= e(t('send_reset_link')) ?></button>

                    <div class="text-center">
                        <a href="#" class="text-decoration-none text-muted small fw-bold" onclick="document.getElementById('resetFormCard').classList.add('d-none'); document.getElementById('loginFormCard').classList.remove('d-none'); return false;"><i class="bi bi-arrow-left me-1"></i><?= e(t('back_to_login')) ?></a>
                    </div>
                </form>
            </div>
        </div>

    </div>
</div>

<?php render_footer(false); ?>