php
session_start();
if(isset($_SESSION['admin'])) {
    header("Location: admin.php");
    exit;
}

if($_SERVER['REQUEST_METHOD'] == 'POST') {
require_once 'config.php';
$conn = new mysqli(DB_HOST, DB_USER, DB_PASS, DB_NAME);
    
    $username = $_POST['username'];
    $password = $_POST['password'];
    
    $stmt = $conn->prepare("SELECT id, password FROM users WHERE username = ?");
    $stmt->bind_param("s", $username);
    $stmt->execute();
    $result = $stmt->get_result();
    
    if($user = $result->fetch_assoc()) {
        if(password_verify($password, $user['password'])) {
            $_SESSION['admin'] = $user['id'];
            header("Location: admin.php");
            exit;
        }
    }
    
    $error = "用户名或密码错误";
    $conn->close();
}
?>
<!DOCTYPE html>
<html>
<head>
    <title>管理员登录</title>
    <style>
        body { font-family: Arial; max-width: 400px; margin: 50px auto; }
        form { padding: 20px; border: 1px solid #ddd; }
        input { display: block; margin: 10px 0; width: 100%; }
        .error { color: red; }
    </style>
</head>
<body>
    <h1>管理员登录</h1>
        <form method="post">
        <input type="text" name="username" placeholder="用户名" required>
        <input type="password" name="password" placeholder="密码" required>
        <button type="submit">登录</button>
    </form>
</body>
</html>