Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- error_reporting(E_ALL);
- ini_set('display_errors', '1');
- ?>
- <!DOCTYPE html>
- <html lang="en" dir="ltr">
- <head>
- <style>
- table {
- margin-top:3%;
- border-collapse: collapse;
- }
- table, th, td {
- border: 1px solid black;
- }
- td{
- padding:5px;
- }
- a{
- color:black;
- cursor:pointer;
- }
- .head{
- top: 0px;
- border-bottom:3px solid black;
- text-align:center;
- font-weight: bold;
- font-size:110%;
- }
- </style>
- <meta charset="utf-8">
- <title></title>
- </head>
- <body>
- <?php
- const DSN = "mysql:host=localhost;dbname=blog;charset=utf8";
- const USER = "root";
- const PASS= "";
- if (isset($_POST["odhlasit"])) {
- unset($_SESSION["login"]);
- }
- if (isset($_POST['odeslat'])) {
- $heslo = login($_POST['login']);
- if (!$heslo || $heslo[0]["pass"] !== $_POST["pass"]) {
- echo "Login nebo heslo je špatně";
- }else{
- if ($heslo[0]["pass"] == $_POST["pass"]) {
- echo "Přihlášení proběhlo úspěšně";
- header('Location:'.$_SERVER['PHP_SELF']);
- $_SESSION["login"] = $_POST['login'];
- $_SESSION["id_uzivatele"] = $heslo[0]["id_uzivatele"];
- }
- }
- }
- var_dump ($_SESSION);
- function login($log)
- {
- $db = new PDO(DSN, USER, PASS);
- $stmt = $db->prepare("SELECT pass, passhash, id_uzivatele FROM uzivatele WHERE login = :jmeno");
- $stmt -> execute([
- ":jmeno" => $log
- ]);
- $tabulka=$stmt->fetchAll(PDO::FETCH_ASSOC);
- return $tabulka;
- };
- function checknameunique(){
- $db = new PDO(DSN, USER, PASS);
- $stmt = $db->prepare("SELECT login FROM uzivatele WHERE login = :jmeno");
- $stmt->execute([
- ":jmeno" => $_POST["name"],
- ]);
- $jmeno=$stmt->fetchAll(PDO::FETCH_ASSOC);
- if(isset($jmeno[0]["login"])){
- return true;
- }
- return false;
- }
- function vloz(){
- try {
- $db = new PDO(DSN, USER, PASS);
- $stmt = $db -> prepare("INSERT INTO posty (nadpis, text, id_uzivatele)
- VALUES (:nadpis, :text, :id_uzivatele)");
- $stmt -> execute([
- ":nadpis" => $_POST["nadpis"],
- ":text" => $_POST["post"],
- ":id_uzivatele" => $_SESSION["id_uzivatele"]
- ]);
- }
- catch(PDOException $e){
- echo $e->getMessage();
- }
- };
- ?>
- <form method="post">
- <p>Registrace</p>
- <form action="" method="post">
- <div class="inputs">
- <input type="text" maxlength="14" name="name" placeholder="Login"><br>
- <input type="password" name="passreg" placeholder="Heslo"><br>
- <input type="password" name="passreg2" placeholder="Heslo znovu"><br>
- </div>
- <input type="submit" value="registrovat" name="regist">
- <p>Přihlášení</p>
- <input type="text" name="login" value="" placeholder="Login"><br />
- <input type="password" name="pass" value="" placeholder="Heslo"><br />
- <input type="submit" name="odeslat" value="Přihlásit">
- <?php
- if (isset($_POST["postsubmit"])) {
- vloz();
- header('Location:'.$_SERVER['PHP_SELF']);
- exit;
- }
- if (isset($_SESSION["login"])) {
- echo "<input type='submit' name= 'odhlasit' value= 'Odhlásit' />";
- echo "<p></p>";
- echo "<br/><input type='text' name='nadpis' value='' placeholder='Nadpis' />";
- echo "<br /><textarea rows='20' cols='70' name='post'></textarea>";
- echo "<br /><input type='submit' name='postsubmit' value='Vytvořit post' />";
- ?>
- <?php
- };
- if (isset($_SESSION["login"])) {
- $db = new PDO(DSN, USER, PASS);
- $stmt = $db->prepare("SELECT nadpis, text, login FROM posty, uzivatele WHERE posty.id_uzivatele = uzivatele.id_uzivatele");
- $stmt -> execute([
- ]);
- $tabulka=$stmt->fetchAll(PDO::FETCH_ASSOC);
- echo '<table>';
- for ($i = 0; $i < count($tabulka); $i++) {
- echo "<tr>";
- foreach ($tabulka[$i] as $key => $value) {
- echo "<td><br />";
- echo $tabulka[$i][$key]. "<br/>";
- echo "</td>";
- }
- if ($_SESSION["login"] == $tabulka[$i]["login"] || $_SESSION["id_uzivatele"] == 1) {
- echo "<td><a href='editblogpostu.php'>Upravit</td>";
- }
- echo "</tr>";
- }
- echo '</table>';
- };
- if (isset($_POST["regist"])) {
- if (!isset($_POST["name"]) || trim($_POST["name"]) == '') {
- echo "Nevyplnil si pole Login" . "<br>";
- }
- if (!isset($_POST["passreg"]) || trim($_POST["passreg"]) == '') {
- echo "Nevyplnil si pole Heslo" . "<br>";
- }
- if (!isset($_POST["passreg2"]) || trim($_POST["passreg2"]) == '') {
- echo "Nevyplnil si pole Heslo znovu" . "<br>";
- }
- if(checknameunique()==false){
- if($_POST["passreg"] !== $_POST["passreg2"] || $_POST["name"] == '' || $_POST["passreg"] == ''){
- $_POST["passreg2"] = "";
- $_POST["name"] = "";
- $_POST["passreg"] = "";
- }else {
- $db = new PDO(DSN, USER, PASS);
- $stmt = $db -> prepare("INSERT INTO uzivatele (login,passhash,pass)
- VALUES (:loginjmeno,:passhash, :passregist)");
- $stmt -> execute([
- ":loginjmeno" => $_POST["name"],
- ":passhash" => password_hash($_POST["passregist"], PASSWORD_DEFAULT),
- ":passregist" => $_POST["passreg"]
- ]);
- }
- }else
- echo "Zadané jméno je už použito";
- header('Location:'.$_SERVER['PHP_SELF']);
- exit;
- }
- ?>
- </form>
- </body>
- </html>
Add Comment
Please, Sign In to add comment