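prepare($strSQL); // tail of a statement whose beginning lies before this excerpt
$stmt->bindValue(":user", $strUser, PDO::PARAM_STR);
$stmt->execute();

// Login handler: look up the submitted username, check the district/role
// restriction and the password hash, then establish the session and redirect.
if ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
    // Allowed when the submitted district matches the stored one, or the
    // account has the admin role.
    // NOTE(review): the district comparison stays loose (==) because the
    // column type PDO returns is not visible here; confirm both sides are
    // strings and tighten to === if so.
    $boolOk = $strDistrict == $row['district'] || $row['role'] === "admin";

    if (password_verify($strPassword, $row['passwordhash']) && $boolOk) {
        // Swap the session ID at the privilege change so an ID that was known
        // before authentication (session fixation) is not carried into the
        // logged-in session. Assumes session_start() ran earlier - confirm.
        session_regenerate_id(true);

        $_SESSION['user'] = $strUser;
        // uniqid() is built from the current time and is guessable; an
        // anti-CSRF token has to come from a CSPRNG (random_bytes, PHP 7+).
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
        $_SESSION['superadmin'] = $row['role'] === "admin";

        // Record the successful login time.
        $strSQL = "UPDATE `user` SET `lastlogin`= NOW() WHERE `username`=:user";
        $stmt = $db->prepare($strSQL);
        $stmt->bindValue(':user', $strUser);
        $stmt->execute();

        header ("Location: admin/index.php");
        // header() only queues the redirect; stop here so the rest of the
        // page is neither executed nor sent.
        exit;
    } else {
        $boolLogin = false;
    }
} else {
    // NOTE(review): no password_verify() runs on this path, so an unknown
    // username is answered faster than a known one; consider verifying
    // against a fixed dummy hash to even out the timing.
    $boolLogin = false;
}
} ?>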