<?php
 session_start();
 include("connect.php");
 if(isset($_GET['username']) && isset($_GET['wachtwoord'])) {
	$username = $_GET['username'];
	$password = $_GET['wachtwoord'];
	
	$username = mysql_real_escape_string($username);
	$password = mysql_real_escape_string($password);
	
	$query = sprintf("SELECT accounts.account_id, accounts.emailadres, accounts.wachtwoord, accounts.aanhef, accounts.achternaam, accounts.status, accounts.geactiveerd FROM accounts WHERE emailadres = '%s' AND wachtwoord = '%s' LIMIT 0,1", $username, $password);
	
	$result = mysql_query($query);
	$record = mysql_fetch_assoc($result);
	$datum = date("d.m.y");
	$tijd = date("H:i:s");  
	$id = $record['account_id'];
	$emailadres = $record['emailadres'];
	$wachtwoord = $record['wachtwoord'];
	$aanhef = $record['aanhef'];
	$achternaam = $record['achternaam'];
	$geactiveerd = $record['geactiveerd'];
	$status = $record['status'];
	
	if($result){
		if ($emailadres == $username && $wachtwoord == $password && $geactiveerd == "ja" && $status == "open"){
			$q = "INSERT INTO inloggen(account_id, taal, datum, tijd) VALUES ('$id', 'de', '$datum', '$tijd')";
			$r = mysql_query($q);
			echo "&query_ok=goed";
			echo "&aanhef=". $aanhef . "";
			echo "&achternaam=". $achternaam . "";
			$_SESSION['login_oke'] = true;
			$_SESSION['id'] = $id;
		} else{
			echo "&query_ok=fout";
		}
	}else{
		echo "&query_ok=error";
	}
}
?>