prepare('SELECT * FROM users WHERE username = ?');
$stmt->execute([$username]);
$user = $stmt->fetch(PDO::FETCH_ASSOC) ?: null;
if (!$user) {
exit(create_alert('/login.php', 401, 'Incorrect username or password.', null));
}
if (!password_verify($password, $user['password'])) {
exit(create_alert('/login.php', 401, 'Incorrect username or password.', null));
}
$_SESSION['user'] = $user;
exit(create_alert('/', 200, null, $user));
}
?>
id