Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- registrieren.php
- <div class="box">
- <h2>Registrieren</h2>
- <form class="registrieren" action="includes/registrieren.inc.php" method="post">
- <input type="text" name="uid" placeholder="Benutzername">
- <input type="text" name="mail" placeholder="E-Mail">
- <input type="password" name="pwd" placeholder="Passwort">
- <input type="password" name="pwd-repeat" placeholder="Passwort wiederholen">
- <button type="submit" name="registrieren-submit">Registrieren</button>
- </form>
- </div><!--end .box-->
- registrieren.inc.php
- if(isset($_POST['registrieren-submit'])){
- // incl. DB connection
- include "db.php";
- //Übergabe POST registrieren.php , POST
- $username = $_POST['uid'];
- $email = $_POST['mail'];
- $password = $_POST['pwd'];
- $passwordRepeat = $_POST['pwd-repeat'];
- // Prüfe ob INPUT befüllt und Valide
- if(empty($username) || empty($email) || empty($password) || empty($passwordRepeat)){
- header("Location: ../registrieren.php?error=emptyfields&uid=".$username."&mail=".$email);
- exit();
- }
- else if(!filter_var($email, FILTER_VALIDATE_EMAIL)){
- header("Location: ../registrieren.php?error=invalidmail&uid=".$username);
- exit();
- }
- else if(!preg_match("/^[a-zA-Z0-9]*$/", $username)){
- header("Location: ../registrieren.php?error=invalidmail&uid=".$email);
- exit();
- }
- else if ($password !==$passwordRepeat){
- header("Location: ../registrieren.php?error=passwordcheck&uid=".$username."&email=".$email);
- exit();
- }
- else {
- $sql = "SELECT uidUsers FROM users WHERE uidUsers=?";
- $stmt = mysqli_stmt_init($mysqli);
- if(!mysqli_stmt_prepare($stmt, $sql)){
- header("Location: ../registrieren.php?error=sqlerror");
- exit();
- }
- else{
- mysqli_stmt_bind_param($stmt, "s", $username);
- mysqli_stmt_execute($stmt);
- mysqli_stmt_store_result($stmt);
- $resultCheck = mysqli_stmt_num_rows($stmt);
- if($resultCheck > 0){
- header("Location: ../registrieren.php?error=usertaken&email=".$email);
- exit();
- }
- else{
- $sql = "INSERT INTO users (uidUsers, emailUsers, pwdUsers) VALUES (?, ?, ?) ";
- $stmt = mysqli_stmt_init($mysqli);
- if(!mysqli_stmt_prepare($stmt, $sql)){
- header("Location: ../registrieren.php?error=sqlerror");
- exit();
- }
- else{
- $hashedPwd = password_hash($password, PASSWORD_DEFAULT);
- mysqli_stmt_bind_param($stmt, "sss", $username, $email, $hashedPwd);
- mysqli_stmt_execute($stmt);
- header("Location: ../registrieren.php?signup=success");
- exit();
- }
- }
- }
- }
- mysqli_stmt_close($stmt);
- mysqli_close($mysqli);
- }
- else{
- header("Location: ../index.php");
- exit();
- }
- /*
- Soweit funktioniert alles
- */
- ////////////////
- Login.php
- <div class="box">
- <h2>Login System </h2>
- <?php echo $msg; ?>
- <form class="login" action="includes/login.inc.php" method="post">
- <input type="text" name="mailuid" placeholder="Benutzername oder E-Mail...">
- <input type="password" name="pwd" placeholder="Passwort">
- <button type="submit" name="login-submit">Einloggen</button>
- </form>
- <a href="registrieren.php">Registrieren</a>
- <form class="logout" action="includes/logout.inc.php" method="post">
- <button type="submit" name="logout-submit">Ausloggen</button>
- </form>
- </div><!--end .box-->
- login.inc.php
- if(isset($_POST['login-submit'])){
- // incl. DB connection
- include "db.php";
- $mailuid = $_POST['mailuid'];
- $password = $_POST['pwd'];
- if(empty($mailuid) || empty($password)){
- header("Location: ../index.php?error=emtyfields");
- exit();
- }
- else{
- $sql = "SELECT * FROM users WHERE uidUsers=? OR emailUsers=?";
- $stmt = mysqli_stmt_init($mysqli);
- if(!mysqli_stmt_prepare($stmt, $sql)){
- header("Location: ../index.php?error=sqlerror");
- exit();
- }
- else{
- mysqli_stmt_bind_param($stmt, "ss" , $mailuid, $password );
- mysqli_stmt_execute($stmt);
- $result = mysqli_stmt_get_result($stmt);
- if($row = mysqli_fetch_assoc($result)){ /*Fehler : evtl hier?*/
- $pwdCheck = password_verify($password, $row['pwdUsers']);
- if($pwdCheck == false){
- header("Location: ../index.php?error=wrongpwd");
- exit();
- }
- else if ($pwdCheck == true){
- session_start();
- $_SESSION['userId'] = $row['idUsers'];
- $_SESSION['userUId'] = $row['uidUsers'];
- header("Location: ../index.php?login=success");
- exit();
- }
- }else{
- header("Location: ../index.php?error=nouser");
- exit();
- }
- }
- }
- }
- else{
- header("Location: ../index.php");
- exit();
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement