<?php
if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['username'])) {
    $username = trim($_POST['username']);
    $password = $_POST['password']; 
    $contact = isset($_POST['contact']) ? trim($_POST['contact']) : null;

    // 检查密码长度
    if (strlen($password) < 5) {
        $title = '密码太短，至少需要5个字符';
        $right_word = '注册';
        $href_url = '/?page=account';
        include('includes/time.php');
    } else {
        $password = password_hash($password, PASSWORD_DEFAULT);

        // 检查用户名是否为空
        if (empty($username)) {
            $title = '用户名不能为空';
            $right_word = '注册';
            $href_url = '/?page=account';
            include('includes/time.php');
        } else {
            // 检查用户名是否已存在
            $checkStmt = $pdo->prepare("SELECT username FROM users WHERE username = ?");
            $checkStmt->execute([$username]);

            if ($checkStmt->rowCount() > 0) {
                $title = '用户名已存在';
                $right_word = '注册';
                $href_url = '/?page=account';
                include('includes/time.php');
            } else {
                $stmt = $pdo->prepare("INSERT INTO users (username, password, contact) VALUES (?, ?, ?)");

                if ($stmt->execute([$username, $password, $contact])) {
                    $title = '注册成功';
                    $right_word = '登录';
                    $href_url = '/?page=account';
                    include('includes/time.php');
                } else {
                    $title = '注册失败';
                    $right_word = '注册';
                    $href_url = '/?page=account';
                    include('includes/time.php');
                }
            }
        }
    }
}

// 登录
if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['login_username'])) {
    $login_username = trim($_POST['login_username']);
    $login_password = $_POST['login_password'];

    // 检查登录用户名是否为空
    if (empty($login_username)) {
        $title = '用户名不能为空';
        $right_word = '登录';
        $href_url = '/?page=account';
        include('includes/time.php');
    } else {
        $stmt = $pdo->prepare("SELECT * FROM users WHERE username = ?");
        $stmt->execute([$login_username]);
        $user = $stmt->fetch();

        if ($user && password_verify($login_password, $user['password'])) {
            $_SESSION['user_id'] = $user['id'];
            $title = '登录成功';
            $right_word = '首';
            $href_url = '/';
            include('includes/time.php');
        } else {
            $title = '用户名或密码错误';
            $right_word = '登录';
            $href_url = '/?page=account';
            include('includes/time.php');
        }
    }
}
?>