implemented login and safe userid in php session

This commit is contained in:
Marcel Schwarz 2018-06-17 21:36:38 +02:00
parent f3c02d2c19
commit 2c5df120cb
6 changed files with 116 additions and 73 deletions

View File

@ -1,7 +1,6 @@
<?php
if(!isset($_SESSION)){
session_start();
}
require('dbConnect.php');
?>
<!doctype html>
<html lang="en">
@ -19,7 +18,16 @@
<body>
<!-- Include the header-->
<?php include('segments/_header.php'); ?>
<?php
if(isset($_SESSION['user'])){
include('segments/_headerSession.php');
} else {
include('segments/_header.php');
}
?>
<?php #include('segments/_indexTestLoginVals.php'); ?><!-- For forms testing -->
<?php
@ -27,15 +35,42 @@
$p = '';
if(isset($_GET['page'])){$p = $_GET['page'];}
if($p == '' || $p == 'home'){$page = '_home.php';}
if($p == 'newEntry'){$page = '_entryForm.php';}
if($p == 'myFriendsBook'){$page = '_myFriendsBook.php';}
if($p == 'login'){$page = '_login.php';}
if($p == 'register'){$page = '_register.php';}
if($p == '' || $p == 'home'){
$page = '_home.php';
}
if($p == 'newEntry'){
$page = '_entryForm.php';
}
if($p == 'myFriendsBook'){
$page = '_myFriendsBook.php';
}
if($p == 'login'){
if(isset($_SESSION['user'])){
header('Location: index.php');
} else {
$page = '_login.php';
}
}
if($p == 'register'){
$page = '_register.php';
}
require('segments/'.$page);
require_once('segments/'.$page);
?>
<div id="content">
<br><span> Session User: <?php echo $_SESSION['user']; ?> </span>
</div>

24
php/login.php Normal file
View File

@ -0,0 +1,24 @@
<?php
//<!--Login-->
if(isset($_POST['login-form'])){
session_start();
require('dbConnect.php');
$name = ($_POST['loginName']);
$pswd = ($_POST['loginPassword']);
$pswd = md5($pswd);
$stmt = $database->prepare("SELECT id FROM user WHERE '$name'=user AND password='$pswd'");
$stmt->execute();
$result = $stmt->get_result();
if ($result->num_rows == 1) {
$object = $result->fetch_object();
$_SESSION['user'] = $object->id;
echo "Einloggen erfolgreich";
} else {
echo "Einloggen fehlgeschlagen";
}
}
?>

View File

@ -1,37 +0,0 @@
<?php
//<!--Login-->
if(isset($_POST['login-form'])){
session_start();
require('dbConnect.php');
$name = ($_POST['loginName']);
$pswd = ($_POST['loginPassword']);
$pswd = md5($pswd);
$stmt = $database->prepare("SELECT id FROM user WHERE '$name'=user AND password='$pswd'");
$stmt->execute();
$result = $stmt->get_result();
if ($result->num_rows == 1) {
$object = $result->fetch_object();
$_SESSION['user'] = $object->id;
//$rueckgabe = array('html' => "Eingeloggt", 'id' => $object->id, 'session' => session_id());
// header('Location: /index2.htm');
//echo json_encode('Eingeloggt!');
//echo json_encode($rueckgabe);
// $stmt = $database->prepare("SELECT loggedin FROM user WHERE '$name'=user");
// $stmt->execute();
// $result = $stmt->get_result()->fetch_assoc();
// if ($result['loggedin'] == 'false') {
// $stmt = $database->prepare("UPDATE `benutzer`.`user` SET `loggedin`='true' WHERE '$name'=user");
// $stmt->execute();
// $a = "true";
echo "Einloggen erfolgreich";
} else {
//$a = array('error' => 'Einlogen fehlgeschlagen!');
//echo json_encode($a);
echo "Einloggen fehlgeschlagen";
}
}
?>

View File

@ -45,4 +45,3 @@
</form>
</div>
</nav>
<?php require("php/signin.php") ?>

View File

@ -41,4 +41,3 @@
</form>
</div>
</nav>
<?php require("php/signin.php") ?>

View File

@ -1,15 +1,37 @@
<?php
//<!--Login-->
if( (isset($_POST['loginName'])) && isset($_POST['loginPassword'])){
$name = ($_POST['loginName']);
$pswd = ($_POST['loginPassword']);
$pswd = md5($pswd);
$stmt = $database->prepare("SELECT id FROM user WHERE '$name'=user AND password='$pswd'");
$stmt->execute();
$result = $stmt->get_result();
if ($result->num_rows == 1) {
$object = $result->fetch_object();
$_SESSION['user'] = $object->id;
echo "Einloggen erfolgreich";
header("refresh:2;");
} else {
echo "Einloggen fehlgeschlagen";
}
}
?>
<p></p>
<div class="container">
<div class="row">
<div class="col-12">
<div class="alert alert-dark" role="alert">
<h4> Login into your FriendsBook Account!</h4>
</div>
<hr />
<!--Login-->
<form id="login-form" action="index.php" method="post">
<form id="login-form" action="index.php?page=login" method="post">
<div class="input-group input-group-sm mb-3">
<div class="input-group-prepend">
<span class="input-group-text" id="inputGroup-sizing-sm">Username</span>
@ -25,6 +47,7 @@
<hr />
<button id="btnLogin" type="submit" style="float: right;" class="btn btn-primary">Login</button>
<div id="login-status"></div>
</form>
</div>
</div>
</div> <!-- Ende container login -->