initial commit
101
login.php
Executable file
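--- a/login.php
+++ b/login.php
@@ -0,0 +1,101 @@
+<?php
+session_start();
+include('inc/db.php');
+
+
+if ($_SERVER["REQUEST_METHOD"] == "POST") {
+$username = $_POST['username'];
+$password = $_POST['password'];
+
+// 1. Prepared Statement vorbereiten
+$stmt = mysqli_prepare($conn, "SELECT id, username, password, role FROM users WHERE username = ?");
+if ($stmt) {
+mysqli_stmt_bind_param($stmt, "s", $username);
+mysqli_stmt_execute($stmt);
+$result = mysqli_stmt_get_result($stmt);
+$user = mysqli_fetch_assoc($result);
+mysqli_stmt_close($stmt);
+
+if ($user && isset($user['role']) && password_verify($password, $user['password'])) {
+// Authentifizierung erfolgreich, Session-Variablen setzen
+$_SESSION['user_id'] = $user['id'];
+$_SESSION['username'] = $username;
+$_SESSION['role'] = $user['role'];
+
+// Token generieren und in der Datenbank speichern
+$token = bin2hex(random_bytes(32));
+$update_stmt = mysqli_prepare($conn, "UPDATE users SET login_token = ? WHERE id = ?");
+if ($update_stmt) {
+mysqli_stmt_bind_param($update_stmt, "si", $token, $user['id']);
+mysqli_stmt_execute($update_stmt);
+mysqli_stmt_close($update_stmt);
+}
+
+// Cookies setzen, die 30 Tage gültig sind
+setcookie('auth_token', $token, time() + (86400 * 30), "/");
+setcookie('user_id', $user['id'], time() + (86400 * 30), "/");
+
+header("Location: index.php");
+exit();
+} else {
+$error = "Login fehlgeschlagen.";
+}
+} else {
+// Fehler beim Vorbereiten des Statements
+$error = "Datenbankfehler.";
+}
+}
+
+?>
+
+<!DOCTYPE html>
+<html lang="de">
+
+<head>
+<meta charset="UTF-8">
+<meta name="viewport" content="width=device-width, initial-scale=1">
+<title>DoMiLi – Login</title>
+<!-- Bootstrap CSS -->
+<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css" rel="stylesheet">
+<!-- Google Fonts Icons -->
+<link href="https://fonts.googleapis.com/icon?family=Material+Icons" rel="stylesheet">
+<link href="https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined" rel="stylesheet">
+<!-- Custom styles -->
+<link rel="stylesheet" href="css/style.css">
+</head>
+
+<body>
+
+<div class="container d-flex justify-content-center align-items-center min-vh-100 py-4">
+<div class="card bg-light shadow w-100" style="max-width: 400px;">
+<div class="card-body">
+<h4 class="card-title text-center mb-4 fs-3">DoMiLi Login</h4>
+
+<?php if (isset($error)) {
+?>
+<div class="alert alert-danger" role="alert">
+<?php echo $error; ?>
+</div>
+<?php
+}
+?>
+
+<form method="post" action="">
+<div class="mb-3">
+<label for="username" class="form-label">Benutzername</label>
+<input type="text" class="form-control form-control-lg" id="username" name="username" required autofocus>
+</div>
+<div class="mb-3">
+<label for="password" class="form-label">Passwort</label>
+<input type="password" class="form-control form-control-lg" id="password" name="password" required>
+</div>
+<div class="d-grid">
+<button type="submit" class="btn btn-primary btn-lg">Einloggen</button>
+</div>
+</form>
+</div>
+</div>
+</div>
+
+
+<?php include('inc/footer.php'); ?>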
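Review bot: The success branch keeps the pre-login session ID and issues the 30-day `auth_token` cookie without any protective attributes, so a session identifier fixed before login, or a token readable by page script, stays valid after authentication. Call `session_regenerate_id(true);` before the `$_SESSION[...]` assignments, and set the cookie with the options form, `setcookie('auth_token', $token, ['expires' => time() + 86400 * 30, 'path' => '/', 'secure' => true, 'httponly' => true, 'samesite' => 'Lax']);`. Both cookies are also sent when `mysqli_prepare` for the `UPDATE` fails, which hands the browser a token the database never stored; set them only after `mysqli_stmt_execute($update_stmt)` has succeeded. `login_token` holds the raw token, so anyone who can read the `users` table obtains usable tokens; storing `hash('sha256', $token)` instead would avoid that, provided the code that checks the cookie (not visible in this commit) hashes the presented value before comparing.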