<!DOCTYPE html> <html> <head> <title>Login</title> </head> <body>

1. <!DOCTYPE html>
2. <html>
3. <head>
4.   <title>Login</title>
5. </head>
6. <body>
7.  
8. <?php
9.  
10. }
11. ?>
12. <center>
13. <form action="?login=1" method="post">
14. E-Mail:<br>
15. <input type="email" size="40" maxlength="250" name="email"><br><br>
16.  
17. Passwort:<br>
18. <input type="password" size="40"  maxlength="250" name="passwort"><br>
19.  
20. <input type="submit" value="Anmelden">
21. </form>
22. </body>
23. </center>
24. </html>
25.  
26. <?php
27. session_start();
28. $pdo = new PDO('mysql:host=localhost;dbname=users', 'admin', 'passwort') or die("Connect failed: %s\n". $conn -> error);
29.  
30. include openconn.php;
31. $conn = OpenCon();
32.  
33. echo "Connected Successfully";
34.  
35. CloseCon($conn);
36. //include 'db_connection.php';
37. //$dbhost = "localhost";
38. //$dbuser = "admin";
39. //$dbpass = "passwort";
40. //$db = "users";
41.  
42. //$pdo = new mysqli($dbhost, $dbuser, $dbpass,$db) or die("Connect failed: %s\n". $conn -> error);
43.  
44.  
45. if(isset($_GET['login'])) {
46.  $email = $_POST['email'];
47.  $passwort = $_POST['passwort'];
48.  
49.  $statement = $pdo->prepare("SELECT * FROM users WHERE email = :email");
50.  $result = $statement->execute(array('email' => $email));
51.  $user = $statement->fetch();
52.  
53.  //Überprüfung des Passworts
54.  if ($user !== false && password_verify($passwort, $user['passwort'])) {
55.  $_SESSION['userid'] = $user['id'];
56.  die('Login erfolgreich. Weiter zu <a href="geheim.php">internen Bereich</a>');
57.  } else {
58.   if(isset($errorMessage)) {
59.     echo $errorMessage;
60.  $errorMessage = "E-Mail oder Passwort war ungültig<br>";
61.  echo "Fehler";
62.  }
63.  
64. }
65.  
66. ?>