<?php
    class Login {
        private $username;
        private $password;
        private $conn;
        public $error;

        public function __construct($username, $password, $conn) {
            $this->username = trim($username);
            $this->password = trim($password);
            $this->conn = $conn;
        }

        public function checkUsername() {
            if (empty($this->username)) {
                $this->error = "Please fill out all of the fields.";
            } else {
                $stmt = $this->conn->prepare("SELECT username FROM accounts WHERE username = :username");
                $stmt->bindParam(":username", $this->username);
                $stmt->execute();

                if ($stmt->rowCount() == 0) 
                    $this->error = "Incorrect username or password.";
            }

            return $this->error;
        }

        public function checkPassword() {
            if (empty($this->password)) {
                $this->error = "Please fill out all of the fields.";
            } else {
                $stmt = $this->conn->prepare("SELECT password FROM accounts WHERE username = :username");
                $stmt->bindParam(":username", $this->username);
                $stmt->execute();

                $user = $stmt->fetch(PDO::FETCH_ASSOC);
                
                if ($user == NULL || !password_verify($this->password, $user["password"])) 
                    $this->error = "Incorrect username or password.";
            }

            return $this->error;
        }

        public function authUser() {
            session_regenerate_id(true);
            $_SESSION['user'] = $this->username;
            return true;
        }
    }
?>