Task #8


<?php
    if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        $iam = mysqli_real_escape_string($conn, $_POST['iam']);
        $password = $_POST['password'];

        $sql = "SELECT * FROM workflowManager_User WHERE iam = '$iam'";
        $result = mysqli_query($conn, $sql);

        if ($user = mysqli_fetch_assoc($result)) {
            // verify the password
            if (password_verify($password, $user['passwordHash'])) {
                $_SESSION['user'] = $user;
                header('Location: index.php');
                exit;
            } else {
                $error = "Invalid credentials";
            }
        } else {
            $error = "Invalid credentials";
        }
    }
?>

<h2>Login</h2>
<?php if (isset($error)): ?>
    <div class="alert alert-error"><?= $error ?></div>
<?php endif; ?>
<form method="POST" action="index.php?page=login">
    <div class="form-group">
        <label for="iam">IAM (Identity and Access Management):</label>
        <input type="text" id="iam" name="iam" required>
    </div>
    <div class="form-group">
        <label for="password">Password:</label>
        <input type="password" id="password" name="password" required>
    </div>
    <button type="submit" class="btn">Login</button>
</form>