<?
include "template.inc";
include "functions.php";
include "global.php";

	session_start();
	
	// Connect to database
	$dblink = mysql_connect(HOSTNAME, USERNAME, PASSWORD); 
	mysql_select_db(DATABASE, $dblink); 

	if ( $_SERVER['REQUEST_METHOD'] == 'POST' ) {
		if ( login() ) {
			if ( isset($_SESSION['link']) ) {
				$link = $_SESSION['link'];
				unset($_SESSION['link']);
				redirect($link);
			}
			redirect('index.php');
		} else {
			redirect('login.php');
		}
	}
	
	$t = new Template();
	$t->set_file('main','login.htm');

	$t->set_var('msg',$_SESSION['msg']);
	unset($_SESSION['msg']);
	
	$t->set_var('msg2',$_SESSION['msg2']);
	unset($_SESSION['msg2']);
	
	$t->pparse('_main','main');
	
function login()
{

	$username = prepData($_REQUEST['username']);
	$password = prepData($_REQUEST['password']);
	
	$query = "SELECT user_id FROM user WHERE user_name = '$username' AND user_pass = '$password'";
	$result = mysql_query($query);
	if ( $result && mysql_num_rows($result) ) {
		$_SESSION['user_id'] = mysql_result($result,0,0);
		return 1;
	}
	
	$_SESSION['msg'] = "Login failed";
	unset($_SESSION['user_id']);	
	return 0;
	
}


?>