40 lines
1.0 KiB
PHP
40 lines
1.0 KiB
PHP
<?php
|
|
ini_set('display_errors', 1);
|
|
ini_set('display_startup_errors', 1);
|
|
error_reporting(E_ALL);
|
|
session_start();
|
|
require_once 'db/config.php';
|
|
|
|
|
|
|
|
if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
|
|
|
$username = $_POST['username'];
|
|
$password = $_POST['password'];
|
|
|
|
$pdo = db();
|
|
$stmt = $pdo->prepare("SELECT * FROM users WHERE username = ?");
|
|
$stmt->execute([$username]);
|
|
$user = $stmt->fetch();
|
|
|
|
if ($user) {
|
|
if (password_verify($password, $user['password'])) {
|
|
$_SESSION['loggedin'] = true;
|
|
$_SESSION['id'] = $user['id'];
|
|
$_SESSION['username'] = $user['username'];
|
|
$_SESSION['role'] = $user['role'];
|
|
header("location: index.php");
|
|
exit;
|
|
} else {
|
|
$_SESSION['error'] = "Invalid username or password.";
|
|
header("location: login.php");
|
|
exit;
|
|
}
|
|
} else {
|
|
$_SESSION['error'] = "Invalid username or password.";
|
|
header("location: login.php");
|
|
exit;
|
|
}
|
|
} else {
|
|
}
|
|
?>
|