prepare("SELECT users.id, users.username, users.password_hash, roles.role_name FROM users JOIN roles ON users.role_id = roles.id WHERE users.username = ?");
        // Login check. The start of the statement above and the two enclosing
        // blocks closed at the bottom lie outside this fragment.
        //
        // The username is bound to the `?` placeholder through execute(), not
        // concatenated into the SQL text, so it cannot alter the query structure.
        $stmt->execute([$username]);
        $user = $stmt->fetch(PDO::FETCH_ASSOC);

        // NOTE(review): password_verify() only runs when a row was found, so an
        // unknown username skips the hash computation that a known username
        // with a wrong password pays for. That difference can reveal which
        // accounts exist even though the error text below is identical.
        // Consider verifying against a fixed dummy hash when no row is returned.
        // NOTE(review): no attempt throttling or lockout is visible in this
        // fragment; confirm it is enforced elsewhere.
        if ($user && password_verify($password, $user['password_hash'])) {
            // Credentials are valid: rotate the session id before any identity
            // is written to the session, so an id known before login does not
            // carry over into the authenticated session (session fixation).
            // NOTE(review): called without arguments, so delete_old_session is
            // false and the previous session data is not removed here; confirm
            // that is the intended behaviour.
            session_regenerate_id();
            $_SESSION['loggedin'] = true;
            $_SESSION['id'] = $user['id'];
            $_SESSION['username'] = $user['username'];
            // The role name is copied into the session at login time.
            // NOTE(review): presumably a later role change or revocation in the
            // database is not seen until the next login unless authorization
            // checks re-read it; verify against the code that consumes
            // $_SESSION['role'].
            $_SESSION['role'] = $user['role_name'];
            // Redirect, then stop so nothing after the header is executed or sent.
            header("location: index.php");
            exit;
        } else {
            // One message covers both unknown username and wrong password, so
            // the response text does not disclose which of the two failed.
            $error = "The username or password you entered was not valid.";
        }
    } // closes a block opened before this fragment
} // closes a block opened before this fragment
?>