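getMessage()); }

require_once __DIR__ . '/lang.php';
require_once __DIR__ . '/helpers.php';

// Login controller: authenticates an email/password pair against the users
// table, establishes the session, then loads branding settings for the page.

// A visitor who already has an authenticated session skips the form.
if (isset($_SESSION['user_id'])) {
    header("Location: dashboard.php");
    exit;
}

$error = '';

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $email = $_POST['email'] ?? '';
    $password = $_POST['password'] ?? '';

    // Form fields are client-controlled and can arrive as arrays (email[]=x).
    // A non-string would reach password_verify() and raise a TypeError on
    // PHP 8, so anything that is not a string is treated as missing.
    if (!is_string($email)) {
        $email = '';
    }
    if (!is_string($password)) {
        $password = '';
    }

    // Compare against '' rather than empty(): empty('0') is true, which
    // would reject the literal value "0" before it is ever checked.
    if ($email === '' || $password === '') {
        $error = __('fill_all_fields');
    } else {
        // Parameterised lookup; the email never enters the SQL text.
        // role_id is selected but not used anywhere in this block.
        $stmt = $db->prepare("SELECT id, name, password, role_id, active FROM users WHERE email = ?");
        $stmt->execute([$email]);
        $user = $stmt->fetch(PDO::FETCH_ASSOC);

        // Unknown account, inactive account and wrong password all produce
        // the same message so the response text does not reveal which failed.
        // NOTE(review): password_verify() only runs for an existing, active
        // account, so response time can still differ between the cases;
        // consider verifying against a fixed dummy hash when no row matches.
        // NOTE(review): no attempt limiting is visible in this block; confirm
        // that throttling or lockout is enforced elsewhere.
        if ($user && $user['active'] && password_verify($password, $user['password'])) {
            // Issue a fresh session ID at the privilege change so an ID that
            // was known before login (session fixation) is not carried into
            // the authenticated session. The old session data is deleted.
            if (session_status() === PHP_SESSION_ACTIVE) {
                session_regenerate_id(true);
            }

            $_SESSION['user_id'] = $user['id'];
            $_SESSION['user_name'] = $user['name'];

            $update = $db->prepare("UPDATE users SET last_login = NOW() WHERE id = ?");
            $update->execute([$user['id']]);

            header("Location: dashboard.php");
            exit;
        }

        $error = __('invalid_credentials');
    }
}

// Fetch site settings for branding. This is best-effort: any failure leaves
// $settings empty and the defaults below are used.
$settings = [];
try {
    $stmt = $db->query("SELECT setting_key, setting_value FROM settings WHERE setting_key IN ('company_name', 'company_logo')");
    // query() returns false instead of throwing when PDO is not in exception mode.
    if ($stmt !== false) {
        while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
            $settings[$row['setting_key']] = $row['setting_value'];
        }
    }
} catch (Exception $e) {
    $settings = [];
}

// NOTE(review): both values come from the database and are presumably echoed
// into the page markup after this block; escape them with htmlspecialchars()
// at the point of output.
$site_name = !empty($settings['company_name']) ? $settings['company_name'] : 'Hospital Management';
$site_logo = !empty($settings['company_logo']) ? $settings['company_logo'] : null;
?>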