<?php 
$doc = "login";
include_once 'includes/header.inc.php'; 

//receive form
if(isset($_POST['submit'])){
    $username = $_POST['username'];
    $password = md5($_POST['password']);
    $remember = $_POST['rememberme'];
    $correct = false;
    
    $query = $database->query("SELECT * FROM `cal_users` WHERE `username` = '$username' AND `password` = '$password'");
    while($row = mysql_fetch_assoc($query)){
        if($remember == "on"){
            ini_set('session.gc_maxlifetime', 31536000);
        }
        
        $_SESSION['userid'] = $row['id'];
        header("location: index.php");
    }
    
    if($correct == false){
        ?>
        <div class="alert alert-error">
            Username or password are wrong
        </div>
        <?php
    }
}
?>
    <form class="well form-inline" method="post" action="">
        <input type="text" class="input-small" placeholder="Username" name="username">
        <input type="password" class="input-small" placeholder="Password" name="password">
        <button type="submit" class="btn" name="submit">Sign in</button>
    </form>
	<div class="span7">
		<p>username: demo</p>
		<p>password: demo</p>
	</div>
<?php include_once 'includes/footer.inc.php'; ?>