prepare("SELECT * FROM users WHERE email = ?"); $stmt->execute([$email]); $user = $stmt->fetch(); if ($user && password_verify($password, $user['password'])) { $_SESSION['user_id'] = $user['id']; $_SESSION['user_name'] = $user['full_name']; header("Location: index.php"); exit; } else { $error = 'error_invalid_credentials'; } } catch (PDOException $e) { $error = "Database error: " . $e->getMessage(); } } } ?>