<?php
require '../config.php';
require_once(TEMPLATES_PATH . "/header.php");
session_start();

$conn = new PDO($config['db']['dsn'], $config['db']['username'], $config['db']['password']);
$query = "SELECT id, username, password FROM users WHERE username = '$_POST[username]'";
$result = $conn->query($query)->fetch();

if(password_verify($_POST['password'], $result['password'])) {
    echo 'password verified';
    $_SESSION['user_name'] = $result['username'];
    $_SESSION['user_id'] = $result['id'];
} else {
    echo 'wrong password';
}

header("Refresh: 2; URL=$_SERVER[HTTP_REFERER]");

require_once(TEMPLATES_PATH . "/footer.php");
?>