'error', 'message' => 'Invalid request method']); exit; } $input = json_decode(file_get_contents('php://input'), true); if (!$input && isset($_POST['username'])) { $input = $_POST; } $username = $input['username'] ?? ''; $password = $input['password'] ?? ''; if (empty($username) || empty($password)) { echo json_encode(['status' => 'error', 'message' => 'Username and password required']); exit; } $stmt = $c->prepare("SELECT id, username, password FROM users WHERE username = ?"); $stmt->bind_param("s", $username); $stmt->execute(); $result = $stmt->get_result(); if ($row = $result->fetch_assoc()) { if (password_verify($password, $row['password'])) { // Success $_SESSION['user_id'] = $row['id']; $_SESSION['username'] = $row['username']; echo json_encode(['status' => 'success', 'message' => 'Login successful']); exit; } } echo json_encode(['status' => 'error', 'message' => 'Invalid username or password']);