W31/Tp4/authenticate.php

<?php
    session_start();
    require_once('models/User.php');

    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        $login = htmlspecialchars($_POST['login']);
        $passwd = htmlspecialchars($_POST['passwd']);
        try {
            $user = new User($login, $passwd);
            if (!$user->exists()) {
                header('Location: signin.php');
                $_SESSION['message'] = 'Bad password';
                exit();
            }
            $_SESSION['login'] = $login;
            header('Location: welcome.php');
        }
        catch(Exception $e) {
            $_SESSION['message'] = $e->getMessage();
            header('Location: signin.php');
            exit();
        }
    } else {
        header('Location: signin.php');
    }