prepare("SELECT * FROM users WHERE username = ?"); $stmt->execute([$username]); $user = $stmt->fetch(); if ($user && password_verify($password, $user['password'])) { // Capture and update IP $user_ip = $_SERVER['REMOTE_ADDR']; if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) { $user_ip = $_SERVER['HTTP_X_FORWARDED_FOR']; } $pdo->prepare("UPDATE users SET last_ip = ? WHERE id = ?")->execute([$user_ip, $user['id']]); $_SESSION['user_id'] = $user['id']; $_SESSION['username'] = $user['username']; $_SESSION['uid'] = $user['uid']; header("Location: index.php"); exit; } else { $error = __('login_error', 'Invalid username or password.'); } } ?>