prepare("SELECT * FROM users WHERE email = ?");
$stmt->execute([$email]);
$user = $stmt->fetch();
if ($user && password_verify($password, $user['password'])) {
// Password is correct, start a new session
$_SESSION['user_id'] = $user['id'];
$_SESSION['user_name'] = $user['name'];
$_SESSION['user_role'] = $user['role'];
// Redirect to the appropriate dashboard
if ($user['role'] === 'admin') {
header("Location: admin_dashboard.php");
} elseif ($user['role'] === 'vendor') {
header("Location: vendor_dashboard.php");
} else {
header("Location: dashboard.php");
}
exit;
} else {
$message = "Invalid email or password.";
}
} catch (PDOException $e) {
$message = "Database error: " . $e->getMessage();
}
}
}
?>
Login