<?php
if (empty($_POST) || !isset($_POST['submit'])) {
	die("Login canceled: no post / no submit");
}

require_once('inc/database.php');
$db = new DataBase();
$user = $db->getUserByHandle($_POST['name']);
if ($db->passwordVerify($user['user.id'], $_POST['pass'])) {
	$token = $db->tokenAdd($user['user.id']);
	$token64 = base64_encode($token);
	$expires = time() + 2592000; // 30 days
	setcookie('token', $token64, $expires);
}
header("Location: /");
?>