Borgal/domili
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
bc816cfd2e1443c5782b17a509f6c6691a980a0b
domili/login.php
Borgal bc816cfd2e Layout vereinheitlicht
2025-08-13 11:55:20 +02:00

102 lines
3.8 KiB
PHP
Executable File
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
<?php
session_start();
include('inc/db.php');
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$username = $_POST['username'];
$password = $_POST['password'];
// 1. Prepared Statement vorbereiten
$stmt = mysqli_prepare($conn, "SELECT id, username, password, email, role FROM users WHERE username = ?");
if ($stmt) {
mysqli_stmt_bind_param($stmt, "s", $username);
mysqli_stmt_execute($stmt);
$result = mysqli_stmt_get_result($stmt);
$user = mysqli_fetch_assoc($result);
mysqli_stmt_close($stmt);
if ($user && isset($user['role']) && password_verify($password, $user['password'])) {
// Authentifizierung erfolgreich, Session-Variablen setzen
$_SESSION['user_id'] = $user['id'];
$_SESSION['username'] = $username;
$_SESSION['email'] = $user['email'];
$_SESSION['role'] = $user['role'];
// Token generieren und in der Datenbank speichern
$token = bin2hex(random_bytes(32));
$update_stmt = mysqli_prepare($conn, "UPDATE users SET login_token = ? WHERE id = ?");
if ($update_stmt) {
mysqli_stmt_bind_param($update_stmt, "si", $token, $user['id']);
mysqli_stmt_execute($update_stmt);
mysqli_stmt_close($update_stmt);
}
// Cookies setzen, die 30 Tage gültig sind
setcookie('auth_token', $token, time() + (86400 * 30), "/");
setcookie('user_id', $user['id'], time() + (86400 * 30), "/");
header("Location: index.php");
exit();
} else {
$error = "Login fehlgeschlagen.";
}
} else {
// Fehler beim Vorbereiten des Statements
$error = "Datenbankfehler.";
}
}
?>
<!DOCTYPE html>
<html lang="de">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>DoMiLi Login</title>
<!-- Bootstrap CSS -->
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css" rel="stylesheet">
<!-- Google Fonts Icons -->
<link href="https://fonts.googleapis.com/icon?family=Material+Icons" rel="stylesheet">
<link href="https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined" rel="stylesheet">
<!-- Custom styles -->
<link rel="stylesheet" href="css/style.css">
</head>
<body>
<div class="container d-flex justify-content-center align-items-start min-vh-100 py-4 pt-5">
<div class="card bg-light shadow w-100" style="max-width: 400px;">
<div class="card-body">
<h4 class="card-title text-center mb-4 fs-3">DoMiLi Login</h4>
<?php if (isset($error)) {
?>
<div class="alert alert-danger" role="alert">
<?php echo $error; ?>
</div>
<?php
}
?>
<form method="post" action="">
<div class="mb-3">
<label for="username" class="form-label">Benutzername</label>
<input type="text" class="form-control form-control-lg" id="username" name="username" required autofocus>
</div>
<div class="mb-3">
<label for="password" class="form-label">Passwort</label>
<input type="password" class="form-control form-control-lg" id="password" name="password" required>
</div>
<div class="d-grid">
<button type="submit" class="btn btn-primary btn-lg">Einloggen</button>
</div>
</form>
</div>
</div>
</div>
<?php include('inc/footer.php'); ?>
Reference in New Issue View Git Blame Copy Permalink