connect_error) { die("Connection failed: " . $conn->connect_error); } // Initialize variables $error = ""; // Process the login form submission if ($_SERVER["REQUEST_METHOD"] == "POST") { // Retrieve user input (sanitize to prevent SQL injection) $email = $conn->real_escape_string($_POST["email"]); $password = $_POST["password"]; // Prepare and execute the SQL query to check user credentials $sql = "SELECT * FROM water WHERE email = ?"; $stmt = $conn->prepare($sql); if ($stmt) { $stmt->bind_param("s", $email); $stmt->execute(); $result = $stmt->get_result(); if ($result) { // Check if email exists if ($result->num_rows > 0) { // Email exists, fetch the user data $row = $result->fetch_assoc(); // Verify password using password_verify if (password_verify($password, $row["password"])) { // Password matches, redirect to new.html header("Location: /project/new.html"); exit; } else { // Password does not match $error = "Incorrect password, please try again."; } } else { // Email does not exist $error = "Email not found, please try again."; } } else { // SQL query execution failed $error = "Error executing SQL query: " . $stmt->error; } // Close the statement $stmt->close(); } else { // Statement preparation failed $error = "Error preparing SQL statement: " . $conn->error; } } // Close the database connection $conn->close(); ?> Admin Panel