<?php
	// 連接到 MySQL 資料庫
	$servername = "localhost";
	$username = "root";
	$password = "andrejiao9527";
	$dbname = "nat";
	$conn = new mysqli($servername, $username, $password, $dbname);
	// 檢查連線是否成功
	if ($conn->connect_error) {
    	die("Connection failed: " . $conn->connect_error);
	}
	// 處理登入請求
	if ($_SERVER["REQUEST_METHOD"] == "POST") {
    	$username = $_POST["username"];
    	$password = $_POST["password"];
    	// 防止 SQL 注入攻擊
    	$username = mysqli_real_escape_string($conn, $username);
    	$password = mysqli_real_escape_string($conn, $password);
    	// 查詢使用者是否存在
	    $sql = "SELECT * FROM logging WHERE username = '$username' AND password = '$password'";
    	$result = $conn->query($sql);
    	if ($result->num_rows > 0) {
        	header("Location:manage.php");
    	} else {
    	    header("Location:managelogging.php");
    	}
	}
	// 關閉資料庫連線
	$conn->close();
?>