PaperBag/www/login.php

<?php
require 'webdata/init.php';

$returnToPage = "./";
if(isset($_GET['return'])){
    $returnToPage = $_GET['return'];
}
elseif(isset($_POST['referrerPage'])){
    $returnToPage = $_POST['referrerPage'];
}
elseif(isset($_SERVER['HTTP_REFERER'])){
    $returnToPage = explode($_SERVER['HTTP_HOST'], $_SERVER['HTTP_REFERER'])[1];
}


if(stristr($returnToPage, "login.php") || stristr($returnToPage, "register.php")){
    $returnToPage = "./";
} else {
    $returnToPage = str_ireplace('index.php', '', $returnToPage);
}

if( checkLogin() ){
    header("Location: ".$returnToPage);
}

$msg = [];
if(isset($_GET['thank'])){
    $msg[] = "Thank you for registering. Please log in to continue!";
}

if(isset($_POST) && !empty($_POST)){
    $db = database();
    $data = [];

    foreach($_POST as $key => $value){
        if(($data[$key] = filter($value)) === false){
            print_r($value);
            echo "Failed to sanitize: `".$key."`: ".$value." \t-\t type: ".gettype($value)."\n";
        }
    }

    $err = loginUser($data['loginEmail'], $data['loginPwd']);
    if($err === true){
        header("Location: ".$returnToPage);
        die();
    }
}


?><!DOCTYPE html>
<html lang="en">
<head>
    <?=getHtmlHeaders();?>
    <title>Login - Grocery Assist</title>
</head>
<body id='plan'>
    <?php include 'webdata/navbar.php'; ?>

    <div class='container-sm' style="max-width: 540px;">

        <h1 class="headline text-center">Login</h1>

        <?php if(!empty($err)){
            foreach($err as $e){
                echo "<div class='alert alert-danger' role='alert'>$e</div>";
            }
        }
        if(!empty($msg)){
            foreach($msg as $m){
                echo "<div class='alert alert-success' role='alert'>$m</div>";
            }
        }
        ?>

        <form action="login.php" method="POST">
            <input type="hidden" name="referrerPage" value="<?=$returnToPage;?>">
            <div class="form-group row">
                <label for="inputEmail3" class="col-sm-2 col-form-label">Email</label>
                <div class="col-sm-10">
                    <input type="email" class="form-control" name="loginEmail" id="inputEmail3">
                </div>
            </div>
            <div class="form-group row">
                <label for="inputPassword3" class="col-sm-2 col-form-label">Password</label>
                <div class="col-sm-10">
                    <input type="password" class="form-control" name="loginPwd" id="inputPassword3">
                </div>
            </div>
            <div class="form-check">
                <input class="form-check-input" type="checkbox" id="gridCheck">
                <label class="form-check-label" for="gridCheck">
                    I agree to save a temporary cookie in my browser for the logged in functions to work.
                </label>
            </div>
            <div class="form-group row">
                <button type="submit" class="btn btn-primary mb-3">Login</button>
            </div>
        </form>
        <p>Do you not have an account? <a href="register.php">Register</a> </p>
    </div>

</body>
</html>