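prepare("SELECT * FROM users WHERE username = :username LIMIT 1");
            // The submitted username is passed as a bound parameter, so it never
            // becomes part of the SQL text.
            $stmt->execute(['username' => $username]);
            // fetch() yields false when no row matched; the truthiness check below covers that.
            $user = $stmt->fetch();

            // The 'password' column stores the hash that password_verify() checks.
            // NOTE(review): password_verify() only runs when a row was found, so the
            // unknown-user path returns faster than the wrong-password path. If
            // username enumeration matters here, verify against a fixed dummy hash
            // when $user is false.
            if ($user && password_verify($password, $user['password'])) {
                // Issue a fresh session ID at the moment of authentication, so an ID
                // that existed before login is not carried into the logged-in session
                // (session fixation). Guarded because session_start() is not visible
                // in this part of the file.
                if (session_status() === PHP_SESSION_ACTIVE) {
                    session_regenerate_id(true);
                }

                // There is no account-status gate: the users schema is id, username,
                // password, role, created_at. The earlier status branch established
                // the same session on both paths, so it is collapsed into this one.
                // If a status column is added later, reject non-active accounts
                // *before* anything is written to $_SESSION.
                $_SESSION['user_id'] = $user['id'];
                $_SESSION['username'] = $user['username'];
                $_SESSION['role'] = $user['role'];

                // The redirect is navigation only; each target page still has to
                // enforce the role from the session itself.
                $destination = $user['role'] === 'admin' ? 'admin/index.php' : 'dashboard.php';
                header('Location: ' . $destination);
                exit();
            } else {
                // One message for "no such user" and "wrong password", so the response
                // text does not reveal which usernames exist.
                $errors[] = 'Invalid login credentials.';
            }
        } catch (PDOException $e) {
            // Driver details go to the server log only; the visitor sees a generic message.
            error_log("Database error: " . $e->getMessage());
            $errors[] = "An internal error occurred. Please try again later.";
        }
    }
}
?>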