implemented login and safe userid in php session
parent
f3c02d2c19
commit
2c5df120cb
53
index.php
53
index.php
@ -1,7 +1,6 @@
|
||||
<?php
|
||||
if(!isset($_SESSION)){
|
||||
session_start();
|
||||
}
|
||||
require('dbConnect.php');
|
||||
?>
|
||||
<!doctype html>
|
||||
<html lang="en">
|
||||
@ -19,7 +18,16 @@
|
||||
|
||||
<body>
|
||||
<!-- Include the header-->
|
||||
<?php include('segments/_header.php'); ?>
|
||||
|
||||
<?php
|
||||
if(isset($_SESSION['user'])){
|
||||
include('segments/_headerSession.php');
|
||||
} else {
|
||||
include('segments/_header.php');
|
||||
}
|
||||
|
||||
|
||||
?>
|
||||
<?php #include('segments/_indexTestLoginVals.php'); ?><!-- For forms testing -->
|
||||
|
||||
<?php
|
||||
@ -27,15 +35,42 @@
|
||||
$p = '';
|
||||
if(isset($_GET['page'])){$p = $_GET['page'];}
|
||||
|
||||
if($p == '' || $p == 'home'){$page = '_home.php';}
|
||||
if($p == 'newEntry'){$page = '_entryForm.php';}
|
||||
if($p == 'myFriendsBook'){$page = '_myFriendsBook.php';}
|
||||
if($p == 'login'){$page = '_login.php';}
|
||||
if($p == 'register'){$page = '_register.php';}
|
||||
if($p == '' || $p == 'home'){
|
||||
$page = '_home.php';
|
||||
}
|
||||
|
||||
if($p == 'newEntry'){
|
||||
$page = '_entryForm.php';
|
||||
}
|
||||
|
||||
if($p == 'myFriendsBook'){
|
||||
$page = '_myFriendsBook.php';
|
||||
}
|
||||
|
||||
if($p == 'login'){
|
||||
if(isset($_SESSION['user'])){
|
||||
header('Location: index.php');
|
||||
} else {
|
||||
$page = '_login.php';
|
||||
}
|
||||
}
|
||||
|
||||
if($p == 'register'){
|
||||
$page = '_register.php';
|
||||
}
|
||||
|
||||
require('segments/'.$page);
|
||||
|
||||
require_once('segments/'.$page);
|
||||
?>
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
<div id="content">
|
||||
<br><span> Session User: <?php echo $_SESSION['user']; ?> </span>
|
||||
</div>
|
||||
|
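Review bot: In the `page` dispatch `$page` never gets a default, so a `page` value outside the five handled names reaches the final `require`/`require_once('segments/'.$page)` with an undefined variable, and so does the logged-in `login` branch, which only calls `header()`. Setting `$page = '_home.php';` before the `if` chain keeps the fixed allow-list and gives every other value a defined fallback. The `header('Location: index.php')` call also runs after the doctype and the header segment have been output and has no `exit;` after it, so the redirect will most likely not be sent; the check belongs before the first output, as `header('Location: index.php'); exit;`. Further down, `echo $_SESSION['user']` reads the key without an `isset()` guard, which raises a notice for logged-out visitors.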
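--- /dev/null
+++ b/php/login.php
@@ -0,0 +1,24 @@
+<?php
+//<!--Login-->
+if(isset($_POST['login-form'])){
+session_start();
+require('dbConnect.php');
+
+$name = ($_POST['loginName']);
+$pswd = ($_POST['loginPassword']);
+$pswd = md5($pswd);
+
+$stmt = $database->prepare("SELECT id FROM user WHERE '$name'=user AND password='$pswd'");
+$stmt->execute();
+$result = $stmt->get_result();
+
+if ($result->num_rows == 1) {
+$object = $result->fetch_object();
+$_SESSION['user'] = $object->id;
+
+echo "Einloggen erfolgreich";
+} else {
+echo "Einloggen fehlgeschlagen";
+}
+}
+?>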
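Review bot: The login query is still built by string interpolation: `$name` comes straight from `$_POST['loginName']` and is placed inside the SQL text passed to `prepare()`, so the statement is prepared but not parameterized and the input can change the query. Use placeholders and bind the values, `$stmt = $database->prepare("SELECT id FROM user WHERE user = ? AND password = ?");` followed by `$stmt->bind_param('ss', $name, $pswd);` (assuming `$database` is a mysqli connection, as `get_result()` suggests). The same query text appears in the login segment changed later in this commit (the `-1,15 +1,37` hunk) and needs the same change. `md5()` is fast and unsalted, so it is not suitable for stored passwords; `password_hash()` at registration and `password_verify()` against the stored hash at login are the replacement, though that reaches beyond this file.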
@ -1,37 +0,0 @@
|
||||
<?php
|
||||
//<!--Login-->
|
||||
if(isset($_POST['login-form'])){
|
||||
session_start();
|
||||
require('dbConnect.php');
|
||||
|
||||
|
||||
$name = ($_POST['loginName']);
|
||||
$pswd = ($_POST['loginPassword']);
|
||||
$pswd = md5($pswd);
|
||||
|
||||
$stmt = $database->prepare("SELECT id FROM user WHERE '$name'=user AND password='$pswd'");
|
||||
$stmt->execute();
|
||||
$result = $stmt->get_result();
|
||||
|
||||
if ($result->num_rows == 1) {
|
||||
$object = $result->fetch_object();
|
||||
$_SESSION['user'] = $object->id;
|
||||
//$rueckgabe = array('html' => "Eingeloggt", 'id' => $object->id, 'session' => session_id());
|
||||
// header('Location: /index2.htm');
|
||||
//echo json_encode('Eingeloggt!');
|
||||
//echo json_encode($rueckgabe);
|
||||
// $stmt = $database->prepare("SELECT loggedin FROM user WHERE '$name'=user");
|
||||
// $stmt->execute();
|
||||
// $result = $stmt->get_result()->fetch_assoc();
|
||||
// if ($result['loggedin'] == 'false') {
|
||||
// $stmt = $database->prepare("UPDATE `benutzer`.`user` SET `loggedin`='true' WHERE '$name'=user");
|
||||
// $stmt->execute();
|
||||
// $a = "true";
|
||||
echo "Einloggen erfolgreich";
|
||||
} else {
|
||||
//$a = array('error' => 'Einlogen fehlgeschlagen!');
|
||||
//echo json_encode($a);
|
||||
echo "Einloggen fehlgeschlagen";
|
||||
}
|
||||
}
|
||||
?>
|
@ -45,4 +45,3 @@
|
||||
</form>
|
||||
</div>
|
||||
</nav>
|
||||
<?php require("php/signin.php") ?>
|
||||
|
@ -41,4 +41,3 @@
|
||||
</form>
|
||||
</div>
|
||||
</nav>
|
||||
<?php require("php/signin.php") ?>
|
||||
|
@ -1,15 +1,37 @@
|
||||
<?php
|
||||
//<!--Login-->
|
||||
if( (isset($_POST['loginName'])) && isset($_POST['loginPassword'])){
|
||||
|
||||
$name = ($_POST['loginName']);
|
||||
$pswd = ($_POST['loginPassword']);
|
||||
$pswd = md5($pswd);
|
||||
|
||||
$stmt = $database->prepare("SELECT id FROM user WHERE '$name'=user AND password='$pswd'");
|
||||
$stmt->execute();
|
||||
$result = $stmt->get_result();
|
||||
|
||||
if ($result->num_rows == 1) {
|
||||
$object = $result->fetch_object();
|
||||
$_SESSION['user'] = $object->id;
|
||||
echo "Einloggen erfolgreich";
|
||||
header("refresh:2;");
|
||||
} else {
|
||||
echo "Einloggen fehlgeschlagen";
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
?>
|
||||
<p></p>
|
||||
<div class="container">
|
||||
<div class="row">
|
||||
|
||||
<div class="col-12">
|
||||
<div class="alert alert-dark" role="alert">
|
||||
<h4> Login into your FriendsBook Account!</h4>
|
||||
</div>
|
||||
<hr />
|
||||
<!--Login-->
|
||||
<form id="login-form" action="index.php" method="post">
|
||||
|
||||
<form id="login-form" action="index.php?page=login" method="post">
|
||||
<div class="input-group input-group-sm mb-3">
|
||||
<div class="input-group-prepend">
|
||||
<span class="input-group-text" id="inputGroup-sizing-sm">Username</span>
|
||||
@ -25,6 +47,7 @@
|
||||
<hr />
|
||||
<button id="btnLogin" type="submit" style="float: right;" class="btn btn-primary">Login</button>
|
||||
<div id="login-status"></div>
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
</div> <!-- Ende container login -->
|
||||
|
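Review bot: On a successful login the session keeps the ID it had before authentication; calling `session_regenerate_id(true);` just before `$_SESSION['user'] = $object->id;` stops a session ID that was fixed or observed before login from becoming an authenticated one. The `header("refresh:2;")` call comes after `echo "Einloggen erfolgreich";`, and this segment appears to be included from index.php after HTML has already been output, so unless output buffering is enabled the header will not be sent. Handling the POST before any output (or emitting the header before the `echo`) would make the refresh reliable. The block also relies on `$database` and an active session being provided by the including page, which is worth stating in a comment at the top, for example `// expects $database (dbConnect.php) and a started session from index.php`.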