diff --git a/TODO.md b/TODO.md
index 0692be9..30c9403 100644
--- a/TODO.md
+++ b/TODO.md
@@ -5,3 +5,5 @@
 - ~~jilo-web.db outside web root~~
 - jilo-web.db writable by web server user
+
+- add mysql/mariadb option
diff --git a/public_html/classes/database.php b/public_html/classes/database.php
index 065902f..08bfb38 100644
--- a/public_html/classes/database.php
+++ b/public_html/classes/database.php
@@ -4,10 +4,13 @@ class Database {
 private $pdo;
 public function __construct($dbFile) {
+ // pdo and pdo_sqlite needed
 if ( !extension_loaded('pdo_sqlite') ) {
 throw new Exception('PDO extension for SQLite not loaded.');
 }
+ // connect to database
+ // FIXME: add mysql/mariadb option
 try {
 $this->pdo = new PDO("sqlite:" . $dbFile);
 $this->pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
diff --git a/public_html/classes/user.php b/public_html/classes/user.php
index 4debec9..df560b9 100644
--- a/public_html/classes/user.php
+++ b/public_html/classes/user.php
@@ -7,6 +7,7 @@ class User {
 $this->db = $database->getConnection();
 }
+ // registration
 public function register($username, $password) {
 $hashedPassword = password_hash($password, PASSWORD_DEFAULT);
 $query = $this->db->prepare("INSERT INTO users (username, password) VALUES (:username, :password)");
@@ -16,6 +17,7 @@ class User {
 return $query->execute();
 }
+ // login
 public function login($username, $password) {
 $query = $this->db->prepare("SELECT * FROM users WHERE username = :username");
 $query->bindParam(':username', $username);
@@ -23,7 +25,6 @@ class User {
 $user = $query->fetch(PDO::FETCH_ASSOC);
 if ( $user && password_verify($password, $user['password'])) {
- session_start();
 $_SESSION['user_id'] = $user['id'];
 $_SESSION['username'] = $user['username'];
 return true;
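Review bot: The one-word comments `// registration` and `// login` (this hunk of user.php and the next one) do not tell a caller what the methods guarantee; a short docblock on each would. For `register()` it should say that the password is stored as a `password_hash()` digest and that the return value is the result of `$query->execute()`. For `login()` it should say that `true` is returned only after `password_verify()` succeeds and that `user_id` and `username` are written into `$_SESSION`. Both method bodies extend past the hunks shown.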
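Review bot: With `session_start()` removed, `login()` in user.php writes `$_SESSION['user_id']` and `$_SESSION['username']` without checking that a session is active and without rotating the session ID after `password_verify()` succeeds. If the caller has not started a session, the login state is not persisted, and keeping the pre-login session ID leaves the account exposed to session fixation. I would add `if (session_status() !== PHP_SESSION_ACTIVE) { session_start(); }` followed by `session_regenerate_id(true);` just before the two `$_SESSION` assignments. Whether a caller already starts the session is not visible in this diff, and `login()` begins and ends outside this hunk.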