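prepare("SELECT * FROM users WHERE username = :username");
            // NOTE: this excerpt begins mid-statement. The receiver of prepare() and the
            // blocks closed at the bottom are opened above the visible listing.

            // The username is bound as a parameter, never concatenated into the SQL text.
            $stmt->bindParam(':username', $username);
            $stmt->execute();
            $user = $stmt->fetch();

            // fetch() yields a falsy value when no row matches; otherwise the submitted
            // password is checked against the stored hash.
            if ($user && password_verify($password, $user['password'])) {
                // Issue a fresh session ID at login so an ID that was set before
                // authentication (session fixation) is not carried into the
                // authenticated session. Guarded because session_start() is not
                // visible in this excerpt.
                if (session_status() === PHP_SESSION_ACTIVE) {
                    session_regenerate_id(true);
                }

                // Record the authenticated identity and role for later requests.
                $_SESSION['user_id'] = $user['id'];
                $_SESSION['username'] = $user['username'];
                $_SESSION['user_role'] = $user['role'];

                // NOTE(review): every authenticated user is sent to admin/ whatever the
                // role value is; presumably admin/index.php checks
                // $_SESSION['user_role'] itself. Confirm.
                header('Location: admin/index.php');
                exit;
            } else {
                // Same message for an unknown user and a wrong password, so the
                // response text does not reveal which usernames exist.
                $error_message = 'Invalid username or password.';
            }
        } catch (PDOException $e) {
            // Driver messages can expose table names, SQL text or connection details.
            // Keep them in the server log and give the visitor a generic message.
            error_log('Login query failed: ' . $e->getMessage());
            $error_message = 'A database error occurred. Please try again later.';
        }
    }
}
?>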