<?php

/**
* Enregistre un nouveau commentaire
*
* @param string $user nom de l'utilisateur
* @param string $password user's password
*/
function login($user, $password)
{
    $pdo = getDatabaseConnection();

    $query = $pdo->prepare('SELECT * FROM user');

    $query->execute();
    
    $userList = $query->fetchAll();

    foreach ($userList as $k) {
        if ($k['user'] == $user && $k['password'] == $password) {
            
            session_start();
            
            $_SESSION['user'] = $user;
            $_SESSION['password'] = $password;
            
            header('Location: admin.php');
            
        } else {
            header('Location: index.php');
        }
    }
}