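db = Database::getInstance(); }

    /**
     * Authenticate a user by e-mail address and password.
     *
     * On success the user's id, role and full name are stored in $_SESSION.
     * Credentials, password hashes and full user rows are deliberately never
     * written to the error log: log files are usually readable by more people
     * and systems than the users table is.
     *
     * @param string $email    E-mail address submitted by the client.
     * @param string $password Plain-text password submitted by the client.
     *
     * @return bool True when the credentials match a stored user, false otherwise.
     */
    public function login($email, $password)
    {
        // Request parameters can arrive as arrays (e.g. password[]=x). On PHP 8
        // password_verify() raises a TypeError for those, which the Exception
        // handler below does not catch, so reject non-strings up front.
        if (!is_string($email) || !is_string($password)) {
            return false;
        }

        // Strip control characters so a crafted address cannot forge log lines.
        $logEmail = (string) preg_replace('/[\x00-\x1F\x7F]/', '', $email);

        try {
            error_log("Login attempt for: " . $logEmail);

            // NOTE(review): this relies on Database::escape() quoting correctly
            // for the connection charset. If the Database wrapper exposes
            // prepared statements (not visible here), prefer a bound parameter.
            $escapedEmail = $this->db->escape($email);
            $sql = "SELECT * FROM users WHERE email = '$escapedEmail'";
            $result = $this->db->query($sql);

            if ($result && $result->num_rows > 0) {
                $user = $result->fetch_assoc();

                if (password_verify($password, $user['password'])) {
                    // Issue a fresh session id at the privilege change so an id
                    // planted before login (session fixation) is not carried
                    // into the authenticated session.
                    if (session_status() === PHP_SESSION_ACTIVE) {
                        session_regenerate_id(true);
                    }

                    $_SESSION['user_id'] = $user['id'];
                    $_SESSION['user_role'] = $user['role'];
                    $_SESSION['user_name'] = $user['full_name'];

                    error_log("Login successful for user id: " . (int) $user['id']);
                    return true;
                }
            }

            // Same message for "unknown e-mail" and "wrong password".
            error_log("Login failed for email: " . $logEmail);
            return false;
        } catch (Exception $e) {
            error_log("Login error: " . $e->getMessage());
            return false;
        }
    }

    /**
     * Tell whether the current session belongs to an authenticated user.
     *
     * @return bool True when login() has stored a user id in the session.
     */
    public function isLoggedIn()
    {
        return isset($_SESSION['user_id']);
    }

    /**
     * Tell whether the current session carries the 'admin' role.
     *
     * The role is the value copied into the session by login(); a role change
     * in the users table is not reflected here until the user logs in again.
     *
     * @return bool True when the session role is exactly 'admin'.
     */
    public function isAdmin()
    {
        return isset($_SESSION['user_role']) && $_SESSION['user_role'] === 'admin';
    }

    /**
     * Load the database row of the logged-in user.
     *
     * NOTE(review): SELECT * returns every column, including the password hash.
     * Callers should not pass this array to templates or JSON responses as is;
     * confirm which columns callers need before narrowing the column list.
     *
     * @return array|null The user row, or null when nobody is logged in or the
     *                    query fails.
     */
    public function getCurrentUser()
    {
        if (!$this->isLoggedIn()) {
            return null;
        }

        // The integer cast keeps the session value from altering the SQL text.
        $userId = (int) $_SESSION['user_id'];
        $sql = "SELECT * FROM users WHERE id = $userId";
        $result = $this->db->query($sql);

        return $result ? $result->fetch_assoc() : null;
    }

    /**
     * End the current session: clear its data, expire the cookie, destroy it.
     *
     * @return bool Always true.
     */
    public function logout()
    {
        $_SESSION = array();

        if (isset($_COOKIE[session_name()])) {
            // A browser drops a cookie only when the expiring cookie has the
            // same path and domain as the one it holds, so reuse the session's
            // own cookie parameters instead of assuming '/'.
            $params = session_get_cookie_params();
            setcookie(
                session_name(),
                '',
                time() - 3600,
                $params['path'],
                $params['domain'],
                $params['secure'],
                $params['httponly']
            );
        }

        // session_destroy() emits a warning when no session is active.
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_destroy();
        }

        return true;
    }
}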