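prepare("SELECT * FROM users WHERE username = ?");
            // NOTE(review): this excerpt starts mid-statement. The receiver of prepare(),
            // presumably the assignment to $stmt, and the opening of the try block and the
            // two blocks around it (closed at the bottom) are above it and are not shown.

            // The submitted username is bound as a parameter, never concatenated into the SQL.
            $stmt->execute([$_POST['username']]);
            $user = $stmt->fetch();

            // An unknown username and a wrong password take the same failure path and get the
            // same message, so the response text does not reveal which usernames exist.
            if ($user && password_verify($_POST['password'], $user['password'])) {
                // Issue a fresh session id at the privilege change so an id that was set or
                // observed before authentication cannot be reused afterwards (session fixation).
                if (session_status() === PHP_SESSION_ACTIVE) {
                    session_regenerate_id(true);
                }

                $_SESSION['user_id'] = $user['id'];
                $_SESSION['username'] = $user['username'];
                // The role is copied from the row as it is at login time.
                $_SESSION['role'] = $user['role'];

                header('Location: index.php');
                exit; // stop here so nothing below runs after the redirect header is queued
            }

            $error = 'Invalid credentials.';
        } catch (PDOException $e) {
            // Driver messages can carry table names, column names or connection details.
            // Keep them in the server log and show the visitor a generic message instead.
            error_log('Login query failed: ' . $e->getMessage());
            $error = 'Database error. Please try again later.';
        }
    }
}

include 'includes/header.php';
?>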