From 2c5df120cb024dc43f6bd065081874e1b744298c Mon Sep 17 00:00:00 2001 From: Marcel Schwarz Date: Sun, 17 Jun 2018 21:36:38 +0200 Subject: [PATCH] implemented login and safe userid in php session --- index.php | 55 ++++++++++++++++++++++------ php/login.php | 24 +++++++++++++ php/signin.php | 37 ------------------- segments/_header.php | 1 - segments/_headerSession.php | 1 - segments/_login.php | 71 ++++++++++++++++++++++++------------- 6 files changed, 116 insertions(+), 73 deletions(-) create mode 100644 php/login.php delete mode 100644 php/signin.php diff --git a/index.php b/index.php index 714ea09..1717b57 100644 --- a/index.php +++ b/index.php @@ -1,7 +1,6 @@ @@ -19,7 +18,16 @@ - + + + + + + + + + +

Session User:
diff --git a/php/login.php b/php/login.php new file mode 100644 index 0000000..840895d --- /dev/null +++ b/php/login.php @@ -0,0 +1,24 @@ + +if(isset($_POST['login-form'])){ + session_start(); + require('dbConnect.php'); + + $name = ($_POST['loginName']); + $pswd = ($_POST['loginPassword']); + $pswd = md5($pswd); + + $stmt = $database->prepare("SELECT id FROM user WHERE '$name'=user AND password='$pswd'"); + $stmt->execute(); + $result = $stmt->get_result(); + + if ($result->num_rows == 1) { + $object = $result->fetch_object(); + $_SESSION['user'] = $object->id; + + echo "Einloggen erfolgreich"; + } else { + echo "Einloggen fehlgeschlagen"; + } +} +?> diff --git a/php/signin.php b/php/signin.php deleted file mode 100644 index 2da14f4..0000000 --- a/php/signin.php +++ /dev/null @@ -1,37 +0,0 @@ - -if(isset($_POST['login-form'])){ - session_start(); - require('dbConnect.php'); - - - $name = ($_POST['loginName']); - $pswd = ($_POST['loginPassword']); - $pswd = md5($pswd); - - $stmt = $database->prepare("SELECT id FROM user WHERE '$name'=user AND password='$pswd'"); - $stmt->execute(); - $result = $stmt->get_result(); - - if ($result->num_rows == 1) { - $object = $result->fetch_object(); - $_SESSION['user'] = $object->id; - //$rueckgabe = array('html' => "Eingeloggt", 'id' => $object->id, 'session' => session_id()); - // header('Location: /index2.htm'); - //echo json_encode('Eingeloggt!'); - //echo json_encode($rueckgabe); - // $stmt = $database->prepare("SELECT loggedin FROM user WHERE '$name'=user"); - // $stmt->execute(); - // $result = $stmt->get_result()->fetch_assoc(); - // if ($result['loggedin'] == 'false') { - // $stmt = $database->prepare("UPDATE `benutzer`.`user` SET `loggedin`='true' WHERE '$name'=user"); - // $stmt->execute(); - // $a = "true"; - echo "Einloggen erfolgreich"; - } else { - //$a = array('error' => 'Einlogen fehlgeschlagen!'); - //echo json_encode($a); - echo "Einloggen fehlgeschlagen"; - } -} -?> diff --git a/segments/_header.php b/segments/_header.php index 640d7c2..cae5874 100644 --- a/segments/_header.php +++ b/segments/_header.php @@ -45,4 +45,3 @@ - diff --git a/segments/_headerSession.php b/segments/_headerSession.php index 7e7ca1e..962884d 100644 --- a/segments/_headerSession.php +++ b/segments/_headerSession.php @@ -41,4 +41,3 @@ - diff --git a/segments/_login.php b/segments/_login.php index 9d9a658..5f200e2 100644 --- a/segments/_login.php +++ b/segments/_login.php @@ -1,30 +1,53 @@ + +if( (isset($_POST['loginName'])) && isset($_POST['loginPassword'])){ + + $name = ($_POST['loginName']); + $pswd = ($_POST['loginPassword']); + $pswd = md5($pswd); + + $stmt = $database->prepare("SELECT id FROM user WHERE '$name'=user AND password='$pswd'"); + $stmt->execute(); + $result = $stmt->get_result(); + + if ($result->num_rows == 1) { + $object = $result->fetch_object(); + $_SESSION['user'] = $object->id; + echo "Einloggen erfolgreich"; + header("refresh:2;"); + } else { + echo "Einloggen fehlgeschlagen"; + } + + +} +?>

-
- -
- -
- -
-
- Username + +
+ + +
+
+ Username +
+ +
+
+
+ Password +
+ +
+
+ +
+ +
- -
-
-
- Password -
- -
-
- -
-
-