prepare("SELECT id, username, password_hash FROM user WHERE username = ?");
$stmt->execute([$username]);
$user = $stmt->fetch();
if ($user && password_verify($password, $user['password_hash'])) {
session_regenerate_id(true);
$_SESSION['user_id'] = $user['id'];
$_SESSION['username'] = $user['username'];
header('Location: ' . $config->basePath);
exit;
} else {
$error = 'Invalid username or password';
}
}
$csrf_token = generateCsrfToken();
?>
<?= $config->siteTitle ?>
Login