<?php
include 'core/bd.php';

$title = URL.': Вход';
include 'core/head.php';

if ($user_id) header('Location:/');
 
if (!empty($_POST['pass']) or !empty($_POST['email'])) {
  $pass = htmlspecialchars($_POST['pass']);
	$mail = htmlspecialchars($_POST['email']);
	
		# проверяем
	if (empty($mail)) $err= "Пожалуста укажите E-mail.";
	if (empty($pass)) $err= "Пожалуста укажите Пароль.";
	if (!$err) {
if ($mysqli->query("SELECT * FROM `user` WHERE `mail` = '".$mail."'")->num_rows == false) $err = 'E-mail или Пароль указан неверно';
if ($mysqli->query("SELECT * FROM `user` WHERE `pass` = '".md5(md5($pass))."'")->num_rows == false) $err = 'E-mail или Пароль указан неверно';
}
	if (!$err)
	{
	session_start();
  setcookie("mail", $mail, time() + (86400 * 30), '/'); 
  setcookie("pass", $pass, time() + (86400 * 30), '/'); 
  header('Location:/');
	}
}

echo '<form action="load.php" method="post" enctype="multipart/form-data">';
echo '<div class="block_load"><div class="logo"><center><img src="style/img/logo.png" alt=""></center>';
if ($err == true) echo '<span class="err"><center><b>'.$err.'</b></center></span>';;
echo '<input type="email" name="email" placeholder="E-mail">';
echo '<input type="password" name="pass" placeholder="Пароль">';
echo '<table>
		<td width="10px"><a href="reg.php" onclick="Page.Go(this.href); return false">Регистрация</a></td>
		<td width="100%"></td>
		<td width="20px"><button name="submit" type="submit"><span class="material-icons">input</span></button></td>
	</table>';
echo '</div>';
echo '</form>';



include 'core/foot.php';
?>