redesigned code

website/queries/checkInput.php

@@ -38,7 +38,8 @@ function checkName($variable){
     if (empty($variable)) {
         throw new lettersAndSpacesException("Verplicht!");
     } else if (!preg_match("/^[a-zA-Z ]*$/", $variable)) {
-        throw new lettersAndSpacesException("Alleen letters en spaties zijn toegestaan!");
+
+            throw new lettersAndSpacesException("Alleen letters en spaties zijn toegestaan!");
     }
 }
 

website/queries/login.php

@@ -4,7 +4,8 @@ function getUser() {
     $stmt = $GLOBALS["db"]->prepare("
     SELECT
       `password`,
-      `userID`
+      `userID`,
+      `role`
     FROM
       `user`
     WHERE
@@ -15,3 +16,40 @@ function getUser() {
     $stmt->execute();
     return $stmt->fetch(PDO::FETCH_ASSOC);
 }
+
+function validateLogin($username, $password){
+    // Empty username or password field
+    if (empty($username) || empty($password)) {
+        throw new loginException("Gebruikersnaam of wachtwoord is niet ingevuld");
+    }
+    else {
+        $psw = test_input($password);
+        $hash = getUser()["password"];
+        $userID = getUser()["userID"];
+        $role = getUser()["role"];
+
+        // If there's an account, go to the profile page
+        if(password_verify($psw, $hash)) {
+            if ($role == "banned"){
+                echo "<script>
+                         window.onload=bannedAlert();
+                    </script>";
+            } else {
+                $_SESSION["userID"] = $userID;
+                header("location: profile.php");
+            }
+        } else {
+            throw new loginException("Inloggevens zijn niet correct");
+        }
+
+    }
+}
+
+class loginException extends Exception
+{
+    public function __construct($message = "", $code = 0, Exception $previous = null)
+    {
+        parent::__construct($message, $code, $previous);
+    }
+}
+?>