prepare("SELECT * FROM users WHERE email = ?");
$stmt->execute([$email]);
$user = $stmt->fetch();
if ($user && password_verify($password, $user['password'])) {
if ($user['status'] === 'banned') {
$errors[] = 'Your account has been banned.';
} else {
$_SESSION['user_id'] = $user['id'];
$_SESSION['username'] = $user['username'];
$_SESSION['role'] = $user['role'];
header("Location: profile.php");
exit;
}
} else {
$errors[] = 'Invalid email or password';
}
}
}
?>
Login
Access your account.