prepare("SELECT * FROM users WHERE email = ?"); $stmt->execute([$email]); $user = $stmt->fetch(PDO::FETCH_ASSOC); if ($user && password_verify($password, $user['password'])) { $_SESSION['user_id'] = $user['id']; $_SESSION['user_role'] = $user['role']; if ($user['role'] === 'admin') { header('Location: admin/index.php'); } else { header('Location: dashboard.php'); } exit(); } else { $error = 'Invalid email or password.'; } } catch (PDOException $e) { $error = 'Database error. Please try again later.'; // error_log($e->getMessage()); // It's good practice to log the actual error } } } require_once 'includes/header.php'; ?>

Login

Don't have an account? Sign up