<?php
    include_once('parameters.php');
    $username = $_POST['username'];
    $userpass = $_POST['userpass'];
    //========================================================================================================================================================
    // Guardem les dades de lusuari a la bdd

    if (loginCheck($username, $userpass, $con)) {

        session_start();
        $_SESSION['userid']=userDetails($username, $con)['bp_user_id'];
        $_SESSION['username']=userDetails($username, $con)['bp_user_name'];

        header("Location: ./my-products.php");

    } else {
        header("Location: ./login-page.php?succes=0");
    }
    function loginCheck($username, $userpass, $con) {
      $sql = $con->prepare("SELECT bp_user_pass FROM bp_users WHERE bp_user_name = ?");
      $sql->bind_param("s", $username);
      $sql->execute();
      $sql->bind_result($encryptedUserpass);
      $sql->fetch();

      return password_verify($userpass, $encryptedUserpass);
    }
    function userDetails($username, $con) {
      $sql = $con->prepare("SELECT bp_user_id, bp_user_name FROM bp_users WHERE bp_user_name = ?");
      $sql->bind_param("s", $username);
      $sql->execute();
      $sql->bind_result($bp_user_id, $bp_user_name);
      $sql->fetch();

      return (array("bp_user_id"=>$bp_user_id, "bp_user_name"=>$bp_user_name));

    }

  ?>