USERS-SQL:
-- phpMyAdmin SQL Dump
-- version 4.1.12
-- http://www.phpmyadmin.net
--
-- Host: 127.0.0.1
-- Generation time: 21 Aug 2014, 16:44
-- Server version: 5.6.16
-- PHP version: 5.5.11

SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";
SET time_zone = "+00:00";

--
-- Database: `planer`
--

-- --------------------------------------------------------

--
-- Table structure for table `users`
--
-- Account table read by the login code on this page (one row per user).
-- NOTE(review): `username` has no UNIQUE key, so duplicate names are only
-- caught at runtime by the row-count check in login(); a unique index would
-- enforce it for every writer.
-- NOTE(review): `password` holds a 32-character hex digest that login()
-- compares with md5($password), i.e. an unsalted MD5 hash. That is not a
-- password-hashing scheme; plan a move to password_hash()/password_verify(),
-- for which the PHP manual recommends a 255-character column.
--
CREATE TABLE IF NOT EXISTS `users` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `username` varchar(64) NOT NULL,
  `password` varchar(64) NOT NULL,
  `class` varchar(32) NOT NULL,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=2 ;

--
-- Data for table `users`
--
-- NOTE(review): this seed row ships an account together with its password
-- digest. A dump that is shared or committed should carry a placeholder
-- instead, and the password behind a digest that has been published should be
-- treated as exposed and rotated.
--
INSERT INTO `users` (`id`, `username`, `password`, `class`) VALUES
(1, 'Moe', 'ecaec4ded876212f32e909425153f166', 'TGI');
header-inc.php: getClass(); $mode = 0; $user->sessionCheck(); if(isset($_POST['login'])) { // Pressed login button $user->login($_POST['user']['username'], $_POST['user']['password']); } if(isset($_GET['a']) && $_GET['a'] == 'logout') { // Log out unset($_SESSION['loggedIn']); session_destroy(); $user->logout(); } ?> Vertretungsplan' . $class . ' vom ' . $date . ' '; elseif ($mode == 2) echo ' Planer ' . $class . ' (' . $week . '. Kalenderwoche) '; elseif ($mode == 0) echo ' Stundenplan ' . $class . ' (' . $week . '. Kalenderwoche) '; ?>
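user.class.php: pdo = $pdo; $this->setName("Guest"); $this->setClass("example"); $this->logout(); }

    /** @return string Display name of the current user. */
    public function getName() {
        return $this->name;
    }

    /** @return string Class label of the current user. */
    public function getClass() {
        return $this->Class;
    }

    /** @return bool Whether this object currently counts as logged in. */
    public function getLoggedIn() {
        return $this->LoggedIn;
    }

    /**
     * Store the display name.
     *
     * @param string $name
     * @return string The value that was assigned.
     */
    public function setName($name) {
        return $this->name = $name;
    }

    /**
     * Store the class label.
     *
     * @param string $class
     * @return string The value that was assigned.
     */
    public function setClass($class) {
        return $this->Class = $class;
    }

    /**
     * Check a username/password pair against the `users` table and, on
     * success, mark both this object and the session as logged in.
     *
     * @param string $username Login name from the request.
     * @param string $password Plain-text password from the request.
     * @return bool True on success; false for an unknown user, an ambiguous
     *              match, a wrong password, non-string input or a database error.
     */
    public function login($username, $password) {
        // Request fields can arrive as arrays (user[username][]=...); only
        // plain strings are valid credentials.
        if (!is_string($username) || !is_string($password)) {
            return $this->denyLogin();
        }

        try {
            // The username is bound as a parameter. The previous version
            // concatenated it into the SQL text, so prepare() gave no
            // protection against SQL injection.
            $stmt = $this->pdo->prepare(
                'SELECT `username`, `password`, `class` FROM `users` WHERE `username` = :username'
            );
            $stmt->execute(array(':username' => $username));
            $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
        } catch (PDOException $e) {
            // Keep driver and schema details out of the response; log them
            // server-side instead.
            error_log('login: database error: ' . $e->getMessage());
            return false;
        }

        // Exactly one row must match: zero rows means no such user, more than
        // one means duplicate names, which the schema does not forbid.
        if (count($rows) !== 1) {
            return $this->denyLogin();
        }
        $row = $rows[0];

        // NOTE(review): the stored value is an unsalted MD5 digest. Migrate to
        // password_hash()/password_verify(); that needs the stored digests to
        // be replaced as users log in, so it is not done silently here.
        // Strict comparison stops PHP from comparing two digests of the form
        // "0e<digits>" as numbers and treating them as equal; on PHP >= 5.6
        // hash_equals() is the better choice.
        if ($row['password'] !== md5($password)) {
            return $this->denyLogin();
        }

        // Issue a fresh session id on privilege change so an id planted before
        // login cannot be reused afterwards (session fixation).
        if (session_status() === PHP_SESSION_ACTIVE && !headers_sent()) {
            session_regenerate_id(true);
        }

        $this->LoggedIn = true;
        $this->setName($username);
        $this->setClass($row['class']);
        $_SESSION['loggedIn'] = true;
        $_SESSION['username'] = $username;
        $_SESSION['class'] = $row['class'];
        return true;
    }

    /**
     * Record a failed login on both the object and the session.
     *
     * @return bool Always false, so callers can return the result directly.
     */
    private function denyLogin() {
        $this->LoggedIn = false;
        $_SESSION['loggedIn'] = false;
        return false;
    }

    /**
     * Mark this object as logged out. The session itself is not touched here.
     *
     * @return bool The value that was assigned (false).
     */
    public function logout() {
        return $this->LoggedIn = false;
    }

    /**
     * Restore the logged-in state, name and class from the session when the
     * session carries a truthy 'loggedIn' flag.
     */
    public function sessionCheck() {
        if (isset($_SESSION['loggedIn']) && $_SESSION['loggedIn'] == true) {
            $this->LoggedIn = true;
            $this->setName($_SESSION['username']);
            $this->setClass($_SESSION['class']);
        }
    }
}
?> footer.inc.php: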
custom.js:
// Wire up the login form dropdown once the DOM is ready.
$(function () {
    var toggleLoginMenu = function (event) {
        // Suppress the toggle element's default action, then flip the menu's visibility.
        event.preventDefault();
        $('.dropdown-menu').toggle();
    };

    $('.dropdown-toggle').on('click', toggleLoginMenu);
});
index.php: show(); include 'inc/footer.inc.php'; ?>