prepare("SELECT * FROM users WHERE email = ?"); $stmt->execute([$email]); $user = $stmt->fetch(PDO::FETCH_ASSOC); if ($user && password_verify($password, $user['password'])) { $_SESSION['user'] = [ 'id' => $user['id'], 'email' => $user['email'], 'role' => $user['role'] ]; if ($user['role'] === 'admin') { header('Location: admin/index.php'); } else { header('Location: dashboard.php'); } exit(); } else { $error = 'Invalid email or password.'; } } catch (PDOException $e) { $error = 'Database error. Please try again later.'; // error_log($e->getMessage()); // It's good practice to log the actual error } } } require_once 'includes/header.php'; ?>

Login

Don't have an account? Sign up