query("SELECT * FROM charity_settings WHERE id = 1"); $charity = $stmt->fetch(); if ($_SERVER['REQUEST_METHOD'] === 'POST') { $username = trim($_POST['username'] ?? ''); $password = $_POST['password'] ?? ''; if ($username && $password) { $stmt = db()->prepare("SELECT * FROM users WHERE username = ?"); $stmt->execute([$username]); $user = $stmt->fetch(PDO::FETCH_ASSOC); if ($user && password_verify($password, $user['password'])) { $_SESSION['user_id'] = $user['id']; $_SESSION['username'] = $user['username']; $_SESSION['full_name'] = $user['full_name']; $_SESSION['user_role'] = $user['role']; // Set permissions in session immediately $_SESSION['can_view'] = $user['can_view'] ?? 1; $_SESSION['can_add'] = $user['can_add'] ?? 0; $_SESSION['can_edit'] = $user['can_edit'] ?? 0; $_SESSION['can_delete'] = $user['can_delete'] ?? 0; redirect('index.php'); } else { $error = 'اسم المستخدم أو كلمة المرور غير صحيحة'; } } else { $error = 'يرجى إدخال جميع الحقول المطلوبة'; } } ?>

نظام المراسلات