39496-vm/login.php

<?php
require_once __DIR__ . '/includes/auth.php';

if (!empty($_SESSION['user_id'])) {
    header('Location: index.php');
    exit;
}

$error = '';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $email = trim($_POST['email'] ?? '');
    $password = $_POST['password'] ?? '';
    
    if ($email && $password) {
        $stmt = db()->prepare("SELECT * FROM users WHERE email = ?");
        $stmt->execute([$email]);
        $user = $stmt->fetch(PDO::FETCH_ASSOC);
        
        if ($user && password_verify($password, $user['password'])) {
            $_SESSION['user_id'] = $user['id'];
            $_SESSION['user_role'] = $user['role'];
            header('Location: admin.php');
            exit;
        } else {
            $error = t('Invalid email or password.', 'البريد الإلكتروني أو كلمة المرور غير صحيحة.');
        }
    } else {
        $error = t('Please fill in all fields.', 'يرجى تعبئة جميع الحقول.');
    }
}

render_head(t('Login', 'تسجيل الدخول'));
render_nav('login.php');
?>
<main class="py-5 bg-light min-vh-100 d-flex align-items-center">
  <div class="container">
    <div class="row justify-content-center">
      <div class="col-md-5 col-lg-4">
        <div class="card border-0 shadow-sm" style="border-radius: 1rem;">
          <div class="card-body p-4 p-md-5">
            <h1 class="h4 mb-4 text-center fw-bold"><?= h(t('Welcome back', 'مرحباً بعودتك')) ?></h1>
            <?php if ($error): ?>
              <div class="alert alert-danger py-2 small"><?= h($error) ?></div>
            <?php endif; ?>
            <form method="post" action="login.php">
              <div class="mb-3">
                <label class="form-label small fw-semibold"><?= h(t('Email address', 'البريد الإلكتروني')) ?></label>
                <input type="email" name="email" class="form-control form-control-lg" required autofocus>
              </div>
              <div class="mb-4">
                <div class="d-flex justify-content-between align-items-center mb-1">
                  <label class="form-label small fw-semibold mb-0"><?= h(t('Password', 'كلمة المرور')) ?></label>
                  <a href="reset_password.php" class="small text-decoration-none"><?= h(t('Forgot?', 'نسيت؟')) ?></a>
                </div>
                <input type="password" name="password" class="form-control form-control-lg" required>
              </div>
              <button type="submit" class="btn btn-dark btn-lg w-100"><?= h(t('Log In', 'تسجيل الدخول')) ?></button>
            </form>
          </div>
        </div>
      </div>
    </div>
  </div>
</main>
<?php render_footer(); ?>