prepare("SELECT * FROM users WHERE email = ?"); $stmt->execute([$email]); $user = $stmt->fetch(); // Verify Password AND Role if ($user && password_verify($password, $user['password_hash'])) { if ($user['role'] === 'admin') { $_SESSION['user_id'] = $user['id']; $_SESSION['role'] = 'admin'; header("Location: index.php"); exit(); } else { $error = "You are not an Admin."; } } else { $error = "Invalid Credentials."; } } ?>

Admin Login