<?php
session_start();
if ($_POST) {
$username = $_POST['username'];
$password = $_POST['password'];
// Поиск пользователя в БД
$stmt = $pdo->prepare("SELECT id, username, password_hash, role FROM users WHERE username = ?");
$stmt->execute([$username]);
$user = $stmt->fetch();
if ($user && password_verify($password, $user['password_hash'])) {
// Успешная аутентификация
session_regenerate_id(true);
$_SESSION['user_id'] = $user['id'];
$_SESSION['username'] = $user['username'];
$_SESSION['role'] = $user['role'];
$_SESSION['logged_in'] = true;
header("Location: dashboard.php");
exit;
} else {
$error = "Неверный логин или пароль";
}
}
?>
<form method="post">
<?php if (!empty($error)): ?>
<div style="color:red"><?= htmlspecialchars($error) ?></div>
<?php endif; ?>
<input name="username" placeholder="Логин" required>
<input name="password" type="password" placeholder="Пароль" required>
<button>Войти</button>
</form>
<?php
session_start();
if ($_POST) {
$username = $_POST['username'];
$password = $_POST['password'];
// Поиск пользователя в БД
$stmt = $pdo->prepare("SELECT id, username, password_hash, role FROM users WHERE username = ?");
$stmt->execute([$username]);
$user = $stmt->fetch();
if ($user && password_verify($password, $user['password_hash'])) {
// Успешная аутентификация
session_regenerate_id(true);
$_SESSION['user_id'] = $user['id'];
$_SESSION['username'] = $user['username'];
$_SESSION['role'] = $user['role'];
$_SESSION['logged_in'] = true;
header("Location: dashboard.php");
exit;
} else {
$error = "Неверный логин или пароль";
}
}
?>
<form method="post">
<?php if (!empty($error)): ?>
<div style="color:red"><?= htmlspecialchars($error) ?></div>
<?php endif; ?>
<input name="username" placeholder="Логин" required>
<input name="password" type="password" placeholder="Пароль" required>
<button>Войти</button>
</form>