prepare("SELECT password_hash FROM admin_users WHERE username = ?");
$stmt->execute([$user]);
$row = $stmt->fetch();
if ($row && password_verify($pass, $row['password_hash'])) {
session_regenerate_id(true);
$_SESSION['admin_logged_in'] = true;
$_SESSION['admin_user'] = $user;
header('Location: index.php');
exit;
} else {
$error = 'Invalid username or password.';
// Slow down brute-force attempts
sleep(1);
}
}
}
?>
PackIt Admin – Login