prepare("SELECT * FROM users WHERE username = ?");
$stmt->execute([$username]);
$user = $stmt->fetch();
if ($user && password_verify($password, $user['password'])) {
$_SESSION['user_id'] = $user['id'];
$_SESSION['username'] = $user['username'];
header("Location: index.php");
exit;
} else {
$error = '用户名或密码错误';
}
} else {
$error = '请填写所有字段';
}
}
include 'header.php';
?>