inlog

1. <!DOCTYPE html>
2. <html lang="en">
3. <head>
4. <meta charset="utf-8">
5. <link href="css/bootstrap.min.css" rel="stylesheet">
6. <link href="css/main.css" rel="stylesheet">
7. <script src="js/bootstrap.min.js"></script>
8. </head>
9. <body>
10.  
11. <nav>
12. <ul>
13. <li><a href="index.php">Home</a></li>
14. <li><a href="orders.php">Orders</a></li>
15. <li><a href="dvds.php">Dvds</a></li>
16. <li><a href="clients.php">Clients</a></li>
17. </ul>
18. </nav>
19.  
20. <form id="login" action="" method="POST">
21. <input type="text" name="username" placeholder="Username" />
22. <input type="password" name="password" placeholder="Password" />
23. <button type="submit" name="submit">Login</button>
24. </form>
25.  
26. <?php
27. try {
28. $conn = new PDO('mysql:host=localhost;dbname=videotheek', "USERNAME", "PASSWORD");
29. $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
30. } catch(PDOException $e) {
31. echo 'ERROR: ' . $e->getMessage();
32. }
33.  
34. if (isset($_POST['submit'])) {
35.  
36. if(isset($_POST['username'])) {
37.  
38. if(isset($_POST['password'])) {
39.  
40. $username = $_POST['username'];
41. $password = $_POST['password'];
42.  
43. $username = filter_var($username, FILTER_SANITIZE_STRING);
44. $password = filter_var($password, FILTER_SANITIZE_STRING);
45.  
46. $query = $conn->prepare("SELECT COUNT(`id`) FROM `users` WHERE `username` = :username AND `password` = :password");
47. $query->execute(array('username' => $username, 'password' => $password));
48.  
49. $count = $query->fetchColumn();
50.  
51. if ($count == "1"){
52. echo "Logged in."; // doe je logged in script
53. } else {
54. echo "Wrong username / password combination";
55. }
56.  
57. } else {
58. echo "Password is vereist.";
59. }
60.  
61. } else {
62. echo "Username is vereist.";
63. }
64.  
65. }
66.  
67. ?>
68. </body>
69. </html>