<?php

use mystic\forum\orm\User;
use mystic\forum\utils\RequestUtils;

$formId = "login";
$username = RequestUtils::getRequiredField("username", $formId);
$password = RequestUtils::getRequiredField("password", $formId);

$user = new User();
$user->name = $username;
if (!$db->fetchWhere($user, "name") || !password_verify($password, $user->passwordHash)) {
    RequestUtils::triggerFormError(__("Username or password incorrect!"), $formId);
}

if (!$user->activated) {
    RequestUtils::triggerFormError(__("Please activate your user account first!"), $formId);
}

RequestUtils::setAuthorizedUser($user);
header("Location: " . ($_GET["next"] ?? "."));