<?php

require_once "database.php";

/* if ($_POST['email'] == "" || $_POST['password'] == "" ) {
	exit('Please fill both the username and password fields!');
} */

if ($stmt = $con->prepare('SELECT id, password, name, surname, office, role, gender, enable FROM users WHERE email = ? AND enable = 1')) {
    $stmt->bind_param('s', $_POST['email']);
    $stmt->execute();
    $stmt->store_result();

    if ($stmt->num_rows > 0) {
        $stmt->bind_result($id, $password, $name, $surname, $office, $role, $gender, $enable);
        $stmt->fetch();

        if ($enable) {
            if (password_verify($_POST['password'], $password)) {
                session_regenerate_id();
                $_SESSION['loggedin'] = TRUE;
                $_SESSION['name'] = $name;
                $_SESSION['surname'] = $surname;
                $_SESSION['username'] = $name . " " . $surname;
                $_SESSION['id'] = $id;
                $_SESSION['office']       = $office;
                $_SESSION['role']         = $role;
                $_SESSION['email']        = $_POST['email'];
                $_SESSION['gender']       = $gender;

                /* header('Location: ../index.php?login=true'); */
                echo "ok";
            } else {
                /* header('Location: ../login.php?error=true&errorDetails=wrongPassword'); */
                echo "error";
            }
        } else {
            /* header('Location: ../login.php?error=true&errorDetails=disabledUser'); */
            echo "notEnable";
        }
    } else {
        /* header('Location: ../login.php?error=true&errorDetails=wrongEmail'); */
        echo "error";
    }

    $stmt->close();
}