<? session_start();
include("includes.ini.php"); ?>
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Log In</title>
</head>

<body>
<?
if(!$_POST['submit']){
?>
<form method="post" action="<?=$_SERVER['php_self']?>">
<label for="username">Username</label>
<input type="text" name="username" id="username">
<label for="password">Password</label>
<input type="password" name="password" id="password">
<button type="submit" name="submit" value="submit">Submit</button>
</form>
<?
}else{
//Normally get this from a DB
$correctUsername = "dauld";
$correctPassword = "Meatpie1";
$submittedUsername = $_POST['username'];
$submittedPassword = $_POST['password'];
if($correctUsername == $submittedUsername && $correctPassword == $submittedPassword){
//user authenticated
$_SESSION['auth'] = true;
}else{
echo "<h1>Incorrect credentials</H1>";
nav();
}

}
?>
</body>
</html>