query($strSQL); if ($row=$result->fetch(PDO::FETCH_ASSOC)) { $boolOk = $strDistrict==$row['district'] || $row['username']=="admin"; if (password_verify($strPassword,$row['passwordhash']) && $boolOk) { $_SESSION['user']=$strUser; $_SESSION['csrf_token'] = uniqid('', true); $_SESSION['superadmin'] = $row['username']=="admin"; header ("Location: index.php"); } else { $boolLogin=false; } } else { $boolLogin=false; } } ?>