<?php
// Report every error level and render errors (including start-up errors) into the response.
// NOTE(review): with display enabled, PHP warnings and uncaught exception messages are sent
// to the browser, which can expose file paths and query details. Confirm this is a
// development-only setting and that production logs errors instead.
error_reporting(E_ALL);
foreach (['display_errors', 'display_startup_errors'] as $directive) {
    ini_set($directive, 1);
}

// The session is opened before anything else runs. No cookie parameters are set in this
// file, so the session cookie flags come from php.ini or the PHP defaults.
session_start();

// Make mysqli raise mysqli_sql_exception on failure instead of returning false.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

// Database credentials and connection are mandatory; the error handler is optional.
require_once 'Functions/DB/db_credentials.php';
require_once 'Functions/DB/db_connection.php';
include_once "Functions/Error/errorHandler.php";

// Stop immediately when no usable connection handle is available.
// $dbc is presumably defined by db_connection.php; verify against that file.
if (empty($dbc)) {
    exit("Database connection failed.");
}
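// ***************** HANDLE LOGIN *****************
// Authenticates the posted e-mail/password pair against citeLeParis_user.
// On success the user's identity is stored in the session and the request is
// redirected to the schedule page; on failure an error is recorded via setError().
if (isset($_POST["BUTTON_login"])) {
    // Missing or non-string fields (for example array-valued POST parameters) are
    // treated as empty, so they produce the normal validation message instead of
    // PHP notices or a false value from filter_var().
    $rawEmail = $_POST["DATA_email"] ?? "";
    $rawPassword = $_POST["DATA_password"] ?? "";
    if (!is_string($rawEmail)) {
        $rawEmail = "";
    }
    if (!is_string($rawPassword)) {
        $rawPassword = "";
    }

    $email = filter_var($rawEmail, FILTER_SANITIZE_EMAIL);
    // NOTE(review): FILTER_SANITIZE_SPECIAL_CHARS HTML-encodes characters such as
    // < > & and quotes, so the value verified below can differ from what the user
    // typed. Passwords should be hashed and verified unmodified. The filter is kept
    // because the code that creates passwordHash is not visible here; confirm whether
    // it applies the same filter, then remove it on both sides.
    $password = filter_var($rawPassword, FILTER_SANITIZE_SPECIAL_CHARS);

    if (empty($rawEmail) || empty($rawPassword)) {
        setError("Please enter both email and password.");
    } else {
        $query = "SELECT pk_userID, passwordHash, email, isAdmin, isActive FROM citeLeParis_user WHERE email = ?";
        $user = null;
        $lookupFailed = false;

        // mysqli is configured to throw mysqli_sql_exception on failure, so the
        // exception path must be handled as well as a false statement handle.
        // Otherwise a database failure surfaces as an uncaught exception.
        try {
            $stmt = mysqli_prepare($dbc, $query);
            if ($stmt) {
                mysqli_stmt_bind_param($stmt, "s", $email);
                mysqli_stmt_execute($stmt);
                $result = mysqli_stmt_get_result($stmt);
                $user = mysqli_fetch_assoc($result);
                mysqli_stmt_close($stmt);
            } else {
                $lookupFailed = true;
            }
        } catch (mysqli_sql_exception $e) {
            // Keep the detail in the server log; the user only sees the generic message.
            error_log("Login lookup failed: " . $e->getMessage());
            $lookupFailed = true;
        }

        if ($lookupFailed) {
            setError("Database error. Please try again later.");
        // ***************** VERIFY PASSWORD & STATUS *****************
        // The same message is used for "unknown e-mail" and "wrong password" so the
        // response does not reveal which accounts exist.
        } elseif (!$user || !password_verify($password, (string) $user["passwordHash"])) {
            setError("Invalid email or password.");
        } elseif ((int) $user["isActive"] !== 1) {
            setError("Your account is not active.");
        } else {
            // Issue a fresh session ID at the privilege change so an ID that was known
            // before login cannot be reused for the authenticated session.
            session_regenerate_id(true);
            $_SESSION["email"] = $user["email"];
            $_SESSION["userID"] = $user["pk_userID"];
            $_SESSION["isAdmin"] = $user["isAdmin"];
            header("Location: index.php?page=schedule");
            exit();
        }
    }
}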
// ***************** HANDLE REDIRECT TO MANAGE SHIFT *****************
// A POST that carries the goToManageShift field is answered with a redirect to the
// shift-management page; nothing else is processed for that request.
// NOTE(review): no session or role check happens here. The manage_shift page is
// presumably responsible for its own access control; confirm.
$wantsManageShift = isset($_POST['goToManageShift']);
if ($wantsManageShift) {
    header('Location: index.php?page=manage_shift');
    exit;
}
?>
<!DOCTYPE html>
<!-- English for a European audience (region subtag 150 = Europe) -->
<html lang="en-150">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<!-- SEO Meta Tags -->
<meta name="description" content="Manage cinema screenings efficiently with our rotation system. Schedule films, check availability, and receive reminders.">
<meta name="keywords" content="cinema, movie scheduling, film rotation, KDM validity, theater management, screenings">
<meta name="author" content="Ciné le Paris - Beetebourg">
<!-- Favicon -->
<link rel="icon" type="image/svg+xml" href="Images/cine_le_paris_logo.svg">
<!-- Styles -->
<link rel="stylesheet" href="Styles/styles.css">
<!-- FullCalendar CSS -->
<link href="https://cdn.jsdelivr.net/npm/fullcalendar@5.11.3/main.min.css" rel="stylesheet">
<!-- FullCalendar CSS v6 -->
<!-- <link href="https://cdn.jsdelivr.net/npm/@fullcalendar/core@6.1.15/main.min.css" rel="stylesheet" /> -->
<title>Ciné le Paris - Beetebuerg</title>
</head>
<body>
<?php
include_once "Pages/nav.php";
?>
<main>
<?php
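// Resolve the requested page to a template under Pages/ and include it.
// The page name comes straight from the query string, so it is accepted only when
// it is a plain name made of letters, digits, "_" or "-". Without this check, a value
// containing path separators or ".." would be joined into the include path and could
// load PHP files outside Pages/.
// NOTE(review): if templates ever live in subdirectories, replace the pattern with an
// explicit allowlist of page names rather than loosening it.
$page = $_GET['page'] ?? "login"; // if no page is set, go to login page

$filePath = null;
if (is_string($page) && preg_match('/\A[A-Za-z0-9_-]+\z/', $page) === 1) {
    $filePath = "Pages/" . $page . ".php";
}

if ($filePath !== null && is_file($filePath)) {
    include_once $filePath;
} else {
    // NOTE(review): markup has already been emitted above this point, so the 404 status
    // is only applied when output buffering is active; confirm.
    http_response_code(404);
    include_once "Pages/page_not_found.php";
}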
// Release the database connection after the page template has run.
// Skipped when $dbc is missing or falsy.
if (!empty($dbc)) {
    mysqli_close($dbc);
}
?>
<?php include_once "Functions/Error/errorDisplay.php"; ?>
</main>
<?php include_once "Pages/footer.php"; ?>
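<!-- FullCalendar JS: third-party script loaded from the jsDelivr CDN, pinned to version 5.11.3; the tag carries no Subresource Integrity (integrity/crossorigin) attributes -->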
<script src="https://cdn.jsdelivr.net/npm/fullcalendar@5.11.3/main.min.js"></script>
<script type="module" src="./Scripts/calendar.js"></script>
</body>
</html>