<?php
require_once'include/db_config.php' ;

            $username = trim($_POST['username']) ;
			$upass = trim($_POST['pwd']) ;

     		$stmt = $DBcon-> prepare("SELECT * FROM user WHERE USERNAME=:un");
			$stmt->execute(array(":un"=>$username));
			$userRow=$stmt->fetch(PDO::FETCH_ASSOC);
			
			if($stmt->rowCount() == 1)
			{
				
					if($userRow['PASSWORD']==md5($upass))
					{
						$_SESSION['userSession'] = $userRow['USERNAME'];
						$_SESSION['staff'] = $userRow['USERNAME'];
						//$_SESSION['usermail'] = $userRow['userEmail'];$_SESSION['staff']
						//return true;
						header("location: panel/dashboard.php") ;
					}
					else
					{
						$errormsg = 'Invalid Password' ;
						header("location: management.php") ;
					}
					
	}
	else
	{
	$errormsg = 'Invalid Username' ;
	header("location: management.php") ;	
	}
	
			

		
?>