prepare("SELECT id, " . $password_column . " FROM " . $table_name . " WHERE email = ?"); $stmt->execute([$email]); $user = $stmt->fetch(PDO::FETCH_ASSOC); if ($user && password_verify($password, $user[$password_column])) { // Regenerate session ID to prevent session fixation session_regenerate_id(true); // Store user info in session $_SESSION['user_id'] = $user['id']; $_SESSION['user_type'] = $user_type; $_SESSION['user_email'] = $email; // Set a session token in a cookie for "Remember Me" functionality (optional) // $token = bin2hex(random_bytes(32)); // setcookie('session_token', $token, time() + (86400 * 30), "/"); // 30 days // $expires_at = date('Y-m-d H:i:s', time() + (86400 * 30)); // $stmt = $pdo->prepare("INSERT INTO sessions (user_id, user_type, token, expires_at) VALUES (?, ?, ?, ?)"); // $stmt->execute([$user['id'], $user_type, $token, $expires_at]); header("Location: dashboard.php"); exit; } else { $error_message = "Invalid email, password, or role."; } } catch (PDOException $e) { $error_message = "Database error: " . $e->getMessage(); } } } } ?> <?= htmlspecialchars($page_title) ?> - Organ Donation

Organ Donation Management

Login