admin/37650-vm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
37650-vm/login.php
Flatlogic Bot 9643b213d0 sad
2026-01-21 08:43:40 +00:00

105 lines
4.1 KiB
PHP
Raw Blame History

<?php
require_once 'db/config.php';
session_start();
if (isset($_SESSION['user_id'])) {
// Redirect to dashboard if already logged in
header("Location: dashboard.php");
exit();
}
$errors = [];
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$email = trim($_POST['email'] ?? '');
$password = $_POST['password'] ?? '';
if (empty($email) || !filter_var($email, FILTER_VALIDATE_EMAIL)) {
$errors[] = 'A valid email is required.';
}
if (empty($password)) {
$errors[] = 'Password is required.';
}
if (empty($errors)) {
try {
$pdo = db();
$stmt = $pdo->prepare("SELECT * FROM users WHERE email = :email");
$stmt->execute(['email' => $email]);
$user = $stmt->fetch();
if ($user && password_verify($password, $user['password_hash'])) {
$_SESSION['user_id'] = $user['id'];
$_SESSION['username'] = $user['username'];
$_SESSION['role'] = $user['role'];
// Redirect to the appropriate dashboard
if ($user['role'] === 'admin') {
header("Location: admin/index.php");
} else {
header("Location: dashboard.php");
}
exit();
} else {
$errors[] = 'Invalid email or password combination.';
}
} catch (PDOException $e) {
// For security, don't show detailed DB errors in production
error_log("Database error: " . $e->getMessage());
$errors[] = "An internal error occurred. Please try again later.";
}
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Login - Car Sells in Afghanistan</title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css" rel="stylesheet">
<link rel="stylesheet" href="assets/css/custom.css?v=<?php echo time(); ?>">
</head>
<body>
<div class="form-container">
<div class="card auth-card">
<div class="card-body">
<div class="text-center mb-5">
<h1 class="h2">Welcome Back!</h1>
<p class="text-muted">Login to access your account and explore the best cars in Afghanistan.</p>
</div>
<?php if (!empty($errors)): ?>
<div class="alert alert-danger" role="alert">
<?php foreach ($errors as $error): ?>
<p class="mb-0"><?php echo htmlspecialchars($error); ?></p>
<?php endforeach; ?>
</div>
<?php endif; ?>
<form action="login.php" method="POST">
<div class="mb-4">
<label for="email" class="form-label">Email address</label>
<input type="email" id="email" name="email" class="form-control" placeholder="you@example.com" required value="<?php echo isset($email) ? htmlspecialchars($email) : ''; ?>">
</div>
<div class="mb-4">
<label for="password" class="form-label">Password</label>
<input type="password" id="password" name="password" class="form-control" placeholder="••••••••" required>
</div>
<div class="d-grid mt-5">
<button type="submit" class="btn btn-primary">Login</button>
</div>
</form>
<p class="text-center text-muted mt-4">
Don't have an account? <a href="register.php">Create one now</a>.
</p>
<p class="text-center text-muted mt-2">
<a href="index.php">Back to Home</a>
</p>
</div>
</div>
</div>
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js"></script>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink