diff --git a/pub/login/php/auth.php b/pub/login/php/auth.php index bfa3698..89bc795 100644 --- a/pub/login/php/auth.php +++ b/pub/login/php/auth.php @@ -13,11 +13,15 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') { $password = $_POST['password'] ?? ''; if (empty($username) || empty($password)) { - die("Username and password are required."); + setcookie('login_error', 'Invalid username or password', time() + 3600, '/'); + header('Location: /login/'); + exit; } if ($username !== 'superuser' && !filter_var($username, FILTER_VALIDATE_EMAIL)) { - die("Invalid email address."); + setcookie('login_error', 'Invalid email address', time() + 3600, '/'); + header('Location: /login/'); + exit; } $stmt = $GLOBALS['conn']->prepare("SELECT * FROM system_users WHERE user_email = ? LIMIT 1");