<?php
    session_start();

    $server = "localhost";
    $database = "friendBook";
    $username = "web";
    $password = "Password456";

    try{
        $connection = new PDO("mysql:host=$server;dbname=$database", $username, $password);
        $connection->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        echo "Connected successfully";
        if($_POST["Username"] != "" && $_POST["Password"] != ""){
            $matchingUsers = $connection->query("SELECT COUNT(*) FROM login WHERE username = '".$_POST["Username"]."' and pword = '".$_POST["Password"]."'");
            if($matchingUsers > 0){
                // User has been authenticated; set user as logged in
                $_SESSION["loggedInUser"] = "".$_POST["Username"]."";
                $_SESSION["loginError"] = "";
                // Move onto landing page
                header("Location: /landingPage.html");
                die();
            }else{
                // No matching users found, send user error
                $_SESSION["loginError"] = "Invalid Username or Password";
                // Return to login page
                header("Location: /login.php");
                die();
            }
        }else{
            // Return to login page, as credentials were not captured
            $_SESSION["loginError"] = "Login credentials not found, please try again";
            header("Location: /login.php");
            die();
        }
    }
    catch(PDOException $e){
        echo "Error: " . $e->getMessage();
    }
    $connection = null;
?>