session_start();
include("../config/db.php");

$user = $_POST['username'];
$pass = $_POST['password'];

$res = mysqli_query($conn,"SELECT * FROM users WHERE username='$user'");
$data = mysqli_fetch_assoc($res);

if(password_verify($pass,$data['password'])){
    $_SESSION['user_id'] = $data['id'];
    header("Location: ../index.php");
}