<?phpsession_start();try { $db = new PDO("mysql:dbname=dt003514798",

1. <?php
2.  
3. session_start();
4.  
5. try {
6.  
7.     $db = new PDO("mysql:dbname=dt003514798", "dt003514798", "uN0nei1N");
8.  
9. }   catch (PDOexception $e) {
10.  
11.     echo "Greska kod spajanja na bazu: " . $e->getMessage();
12.  
13. }
14.  
15. $db->exec("SET NAMES utf8");
16.  
17. if (isset($_POST['usr_register'])) {
18.  
19.     //enter podatke u bazu
20.     $qdodaj = $db->prepare("INSERT INTO users (username, password) VALUES (?, ?)");
21.  
22.     if (isset($_POST['usr_name']) && isset($_POST['usr_pwd'])) {
23.    
24.         $qdodaj->execute(array(
25.             $_POST['usr_name'], sha1($_POST['usr_pwd'])
26.             ));
27.  
28.     }
29.  
30. }
31.  
32. if (isset($_POST['usr_login'])) {
33.  
34.     //check podatke iz baze
35.     $q_check = $db->prepare("SELECT * FROM users WHERE username = :username AND password = :password");
36.     $q_check->bindValue(':username', $_POST['username'], PDO::PARAM_STR);
37.     $q_check->bindValue(':password', sha1($_POST['password']), PDO::PARAM_STR);
38.     $q_check->execute();
39.     $data = $q_check->fetchAll();
40.    
41.     if (!empty($data)) {
42.         $_SESSION['user_id'] = $data['id'];
43.         var_dump($data);
44.  
45.     }
46.    
47.  
48.  
49. }
50.  
51.  
52. if (!isset($_SESSION['user_id'])) {
53.  
54.     header("Location: login.php"); 
55.  
56. } else {
57. ?>
58.  
59. <html>
60. <form action="zad2.php" method="post">
61. <input type="submit" value="odlogiraj se!" name="usr_logoff"/>
62. </form>
63.  
64. <?
65. }
66.  
67. if (isset($_POST['sess_dstr'])) {
68.  
69.     session_destroy();
70.     $_SESSION = array();
71.  
72. }
73.  
74.  
75.  
76. ?>
77. </html>