prepare('SELECT * FROM users WHERE username = ?'); $stmt->execute([$_POST['username']]); $user = $stmt->fetch(PDO::FETCH_ASSOC); if ($user && password_verify($_POST['password'], $user['password'])) { $_SESSION['user_id'] = $user['id']; header('Location: index.php'); exit; } } ob_start(); $title = 'Login'; ?>