<?php


$Benutzername = $_POST["username"];
$Passwort = $_POST["password"];

$Passwort = hash('sha512',$Passwort);

$sql = "SELECT * FROM `VokabelBox2Users` WHERE (`username` = '$Benutzername' AND `password` = '$Passwort') OR (`email` = '$Benutzername' AND `password` = '$Passwort') AND `loginfails` <= '5'";
$result_articles = $conn->query($sql);

if(mysqli_num_rows($result_articles))
{


$conn->query("UPDATE `VokabelBox2Users` SET `loginfails`= '0' WHERE `username` = '$Benutzername' OR `email` = '$Benutzername'");

  setcookie('everloggedin', 'true', time() + (86400 * 30 * 365), "/");

  $_SESSION["Benutzername"] = $Benutzername;
  $_SESSION["Passwort"] = $Passwort;

  echo "true";

}
else {

$conn->query("UPDATE `VokabelBox2Users` SET `loginfails`= `loginfails` + 1 WHERE `username` = '$Benutzername' OR `email` = '$Benutzername'");


  $sql = "SELECT * FROM `VokabelBox2Users` WHERE (`username` = '$Benutzername' OR `email` = '$username') AND `loginfails` > '5'";
  $result_articles = $conn->query($sql);
  if(mysqli_num_rows($result_articles))
  {
    echo "loginfails";
    die();
  }
  echo "false";
}

?>