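prepare("SELECT id, name, password, role_id, active FROM users WHERE email = ?");
// NOTE(review): this excerpt starts mid-statement. The receiver of prepare() and the
// enclosing request handling (the two blocks closed further down) are not visible here.
$stmt->execute([$email]);
$user = $stmt->fetch(PDO::FETCH_ASSOC);

// Unknown e-mail, inactive account and wrong password all produce the same message,
// so the response text does not reveal which accounts exist.
// NOTE(review): password_verify() is skipped when no active user matches, so response
// time may still differ between existing and non-existing accounts.
if ($user && $user['active']) {
    // The submitted password is checked against the stored hash with password_verify().
    // The original comments mention a seeded default user whose hash was inserted
    // manually; that account's password should be rotated before any real deployment.
    if (password_verify($password, $user['password'])) {
        // Issue a fresh session ID at the moment of authentication so that an ID
        // known before login (session fixation) does not become an authenticated one.
        // The guard avoids a warning if no session is active at this point.
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }

        $_SESSION['user_id'] = $user['id'];
        $_SESSION['user_name'] = $user['name'];
        // NOTE(review): role_id is selected above but neither stored nor checked in the
        // visible code; confirm where authorization decisions obtain the role.

        // Update last login
        $update = $db->prepare("UPDATE users SET last_login = NOW() WHERE id = ?");
        $update->execute([$user['id']]);

        header("Location: dashboard.php");
        exit;
    } else {
        $error = __('invalid_credentials');
    }
} else {
    $error = __('invalid_credentials');
}
// The next two braces close blocks opened before the visible part of the file.
}
}

// Fetch site settings for branding
$db = db();
// Constant query text: no request data is interpolated into this statement.
$stmt = $db->query("SELECT setting_key, setting_value FROM settings WHERE setting_key IN ('company_name', 'company_logo')");
$settings = [];
while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
    $settings[$row['setting_key']] = $row['setting_value'];
}

// Fall back to defaults when a setting is missing or empty.
// NOTE(review): both values come from the database and are presumably rendered in the
// page below (not visible here); escape them for the output context when printed.
$site_name = !empty($settings['company_name']) ? $settings['company_name'] : 'Hospital Management';
$site_logo = !empty($settings['company_logo']) ? $settings['company_logo'] : null;
?>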