prepare('SELECT id, password, role FROM users WHERE email = ?'); $stmt->execute([$email]); $user = $stmt->fetch(); if ($user && password_verify($password, $user['password'])) { $_SESSION['user_id'] = $user['id']; $_SESSION['user_email'] = $email; $_SESSION['user_role'] = $user['role']; header('Location: index.php'); exit(); } else { $error = t('invalid_credentials'); } } catch (PDOException $e) { $error = "Database error: " . $e->getMessage(); } } } ?>