index.txt

1. <!DOCTYPE html>
2. <html>
3. <head>
4. <title></title>
5. <link href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32OmUcww7on3RYdg4Va+PmSTsz/K68vbdEjh4u" crossorigin="anonymous">
6. </head>
7. <body>
8. <div class="text-center">
9. <h1>Anmeldung zur Benutzerverwaltung!</h1>
10. <div class="container">
11. <form method="POST" action="index.php">
12. <div class="form-group row">
13. <input class="form-control" type="text" placeholder="Benutzername" name="username" id="username">
14. </div>
15. <div class="form-group row">
16. <input class="form-control" type="password" placeholder="Password" name="password" id="password">
17. </div>
18. <div class="form-group row">
19. <input class="form-control" type="submit" value="Einloggen">
20. </div>
21. </form>
22. </div>
23. <p>Noch kein Account? <a href="register.php">Registriere dich hier!</a></p>
24. </div>
25.  
26.  
27. <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js" integrity="sha384-Tc5IQib027qvyjSMfHjOMaLkfuWVxZxUPnCJA7l2mCWNIpG9mGCD8wGNIcPD7Txa" crossorigin="anonymous"></script>
28. </body>
29. </html>
30.  
31. <?php
32. ini_set('display_errors', 1);
33. ini_set('display_startup_errors', 1);
34. error_reporting(E_ALL);
35.  
36. if($_SERVER['REQUEST_METHOD'] == "POST" && isset($_POST["username"])){
37. session_start();
38. include "LoginClass.php";
39. include "dbconfig.php";
40.  
41. $error = array();
42.  
43. $username = trim($_POST["username"]);
44. $password = $_POST["password"];
45.  
46. $user = new LoginClass();
47. $user->setUsername($username);
48. $user->setPassword($password);
49.  
50. if(!$user->checkIfUsernameExists($user->getUsername(), $DB_con)){
51. array_push($error, "Benutzername existiert nicht.");
52. }
53.  
54. if(!empty($error)){
55. foreach ($error as $e) {
56. echo $e . "<br>";
57. }
58. }
59. else{
60. if($user->checkLogin($user->getUsername(), $user->getPassword(), $DB_con)){
61. echo "passwort stimmt!";
62. $_SESSION["is_logged_in"] = true;
63. $_SESSION["role"] = $user->getRole($username, $DB_con);
64. if($_SESSION["role"] == "admin"){
65. header('Location: admin.php');
66. }
67. else{
68. header('Location: secret.php');
69. }
70. }
71. else{
72. echo "passwort stimmt nicht :c";
73. }
74. }
75.  
76.  
77.  
78.  
79. }
80. ?>