Untitled

a guest
May 17th, 2018
  1. <?php
  2.  
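  // Start (or resume) the session; this must run before any output so the
  // session cookie header can still be sent.
  session_start();
  // Report every notice and warning, but send them to the server log instead of
  // the page: rendered errors disclose file paths, SQL text and driver messages
  // to whoever is looking at the site.
  error_reporting(E_ALL);
  ini_set('display_errors', '0');
  ini_set('log_errors', '1');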
  6. ?>
  7. <!DOCTYPE html>
  8. <html lang="en" dir="ltr">
  9. <head>
  10. <style>
  11. table {
  12. margin-top:3%;
  13. border-collapse: collapse;
  14. }
  15.  
  16. table, th, td {
  17. border: 1px solid black;
  18. }
  19.  
  20. td{
  21. padding:5px;
  22. }
  23. a{
  24. color:black;
  25.  
  26. cursor:pointer;
  27. }
  28. .head{
  29. top: 0px;
  30. border-bottom:3px solid black;
  31. text-align:center;
  32. font-weight: bold;
  33. font-size:110%;
  34. }
  35. </style>
  36. <meta charset="utf-8">
  37. <title></title>
  38. </head>
  39. <body>
  40.  
  41. <?php
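  // Database connection settings shared by every PDO connection on this page.
  // NOTE(review): this connects as the MySQL root account with an empty password.
  // Use a dedicated account limited to the blog schema and keep the credentials in
  // configuration outside the web root.
  const DSN = "mysql:host=localhost;dbname=blog;charset=utf8";
  const USER = "root";
  const PASS= "";

  // Logout: drop both identity values. Leaving id_uzivatele behind would let a
  // logged-out session keep acting with the previous user's id.
  if (isset($_POST["odhlasit"])) {
      unset($_SESSION["login"], $_SESSION["id_uzivatele"]);
  }

  // Login attempt.
  // NOTE(review): this runs after the page has already emitted HTML, so header()
  // and session_regenerate_id() only work when output buffering is enabled; the
  // whole request handling should move above the first byte of output.
  if (isset($_POST['odeslat'])) {
      // Only plain strings are accepted; login[]=x / pass[]=x arrive as arrays.
      $login = (isset($_POST['login']) && is_string($_POST['login'])) ? $_POST['login'] : '';
      $pass = (isset($_POST['pass']) && is_string($_POST['pass'])) ? $_POST['pass'] : '';

      $heslo = $login !== '' ? login($login) : [];
      $row = $heslo ? $heslo[0] : null;

      // An empty password is rejected up front so that a passhash computed over an
      // empty value can never authenticate anyone.
      $ok = false;
      if ($row !== null && $pass !== '') {
          if (is_string($row["passhash"]) && password_verify($pass, $row["passhash"])) {
              $ok = true;
          } elseif (is_string($row["pass"]) && hash_equals($row["pass"], $pass)) {
              // Legacy fallback: rows may carry a passhash that does not correspond
              // to the real password (registration has hashed a field the form does
              // not send), so the plaintext column is still consulted.
              // NOTE(review): plaintext passwords must not stay in the database;
              // once every row has a valid passhash, remove this branch and the column.
              $ok = true;
          }
      }

      if (!$ok) {
          // One message for "unknown login" and "wrong password" avoids telling
          // the client which logins exist.
          echo "Login nebo heslo je špatně";
      } else {
          // Issue a fresh session id on privilege change (session fixation).
          if (!headers_sent()) {
              session_regenerate_id(true);
          }
          $_SESSION["login"] = $login;
          $_SESSION["id_uzivatele"] = $row["id_uzivatele"];
          if (!headers_sent()) {
              header('Location:'.$_SERVER['PHP_SELF']);
              exit;
          }
          echo "Přihlášení proběhlo úspěšně";
      }
  }
  // The debugging var_dump($_SESSION) that used to follow was removed: it printed
  // the session contents into the page for every visitor.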
  62.  
  /**
   * Fetch the stored credentials for one login name.
   *
   * Opens a new PDO connection with the DSN, USER and PASS constants and runs a
   * prepared statement, so the login is bound as a parameter and never spliced
   * into the SQL text.
   *
   * @param mixed $log Login name matched against uzivatele.login.
   * @return array Rows as associative arrays with the keys pass, passhash and
   *               id_uzivatele; empty when no row matches.
   */
  function login($log)
  {
      $pdo = new PDO(DSN, USER, PASS);
      $query = $pdo->prepare("SELECT pass, passhash, id_uzivatele FROM uzivatele WHERE login = :jmeno");
      $query->execute([":jmeno" => $log]);

      return $query->fetchAll(PDO::FETCH_ASSOC);
  }
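  /**
   * Report whether the login submitted in $_POST["name"] is already registered.
   *
   * Despite the name, the result is true when the login is TAKEN and false when
   * it is free; the registration code treats false as "may register".
   *
   * NOTE(review): a check followed by a separate INSERT can race with a second
   * request; a UNIQUE index on uzivatele.login is what actually guarantees
   * uniqueness - confirm the schema has one.
   *
   * @return bool True when a row with that login exists.
   */
  function checknameunique(){
      // A missing or non-string field (e.g. name[]=x) cannot match a stored login;
      // answer without binding it, which would otherwise raise a notice or bind
      // the literal text "Array".
      if (!isset($_POST["name"]) || !is_string($_POST["name"])) {
          return false;
      }

      $db = new PDO(DSN, USER, PASS);
      $stmt = $db->prepare("SELECT login FROM uzivatele WHERE login = :jmeno");
      $stmt->execute([
          ":jmeno" => $_POST["name"],
      ]);

      // One matching row is enough; fetch() returns false when there is none.
      return $stmt->fetch(PDO::FETCH_ASSOC) !== false;
  }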
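  /**
   * Insert a new post from $_POST["nadpis"] / $_POST["post"] for the logged-in user.
   *
   * Does nothing when the session has no logged-in user or when the submitted
   * fields are missing or not plain strings. Database errors are written to the
   * server log instead of being printed into the page.
   *
   * @return void
   */
  function vloz(){
      // The author id comes from the session; without a login there is no author,
      // and an anonymous request must not be able to create posts.
      if (!isset($_SESSION["login"], $_SESSION["id_uzivatele"])) {
          return;
      }
      // nadpis[]=x / post[]=x arrive as arrays and cannot be bound as text.
      if (!isset($_POST["nadpis"], $_POST["post"])
          || !is_string($_POST["nadpis"])
          || !is_string($_POST["post"])) {
          return;
      }

      try {
          $db = new PDO(DSN, USER, PASS);
          // Make statement failures throw so the catch below actually sees them.
          $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
          $stmt = $db->prepare("INSERT INTO posty (nadpis, text, id_uzivatele)
  VALUES (:nadpis, :text, :id_uzivatele)");
          $stmt->execute([
              ":nadpis" => $_POST["nadpis"],
              ":text" => $_POST["post"],
              ":id_uzivatele" => $_SESSION["id_uzivatele"],
          ]);
      } catch (PDOException $e) {
          // Driver messages can contain schema details and connection data; keep
          // them in the log rather than echoing them to the browser.
          error_log('vloz: ' . $e->getMessage());
      }
  }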
  102.  
  103.  
  104.  
  105. ?>
  106. <form method="post">
  107. <p>Registrace</p>
  108.  
  109. <form action="" method="post">
  110. <div class="inputs">
  111. <input type="text" maxlength="14" name="name" placeholder="Login"><br>
  112. <input type="password" name="passreg" placeholder="Heslo"><br>
  113. <input type="password" name="passreg2" placeholder="Heslo znovu"><br>
  114.  
  115.  
  116. </div>
  117. <input type="submit" value="registrovat" name="regist">
  118. <p>Přihlášení</p>
  119. <input type="text" name="login" value="" placeholder="Login"><br />
  120. <input type="password" name="pass" value="" placeholder="Heslo"><br />
  121. <input type="submit" name="odeslat" value="Přihlásit">
  122. <?php
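  // "Create post" submission, followed by a redirect back to the page
  // (post/redirect/get) so a reload does not resubmit the form.
  if (isset($_POST["postsubmit"])) {
      // Creating a post is only allowed for a logged-in session; the form fields
      // are hidden from anonymous visitors, but the request can be sent without them.
      if (isset($_SESSION["login"])) {
          vloz();
      }
      // NOTE(review): the page has already produced HTML at this point, so the
      // Location header is only sent when output buffering is on. There is also
      // no anti-CSRF token on the form; add one and verify it here.
      header('Location:'.$_SERVER['PHP_SELF']);
      exit;
  }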
  129.  
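  // Everything below is rendered for logged-in users only: the logout button,
  // the new-post fields, and the table of existing posts.
  if (isset($_SESSION["login"])) {
      echo "<input type='submit' name= 'odhlasit' value= 'Odhlásit' />";
      echo "<p></p>";
      echo "<br/><input type='text' name='nadpis' value='' placeholder='Nadpis' />";
      echo "<br /><textarea rows='20' cols='70' name='post'></textarea>";
      echo "<br /><input type='submit' name='postsubmit' value='Vytvořit post' />";

      // Load every post together with its author's login.
      $db = new PDO(DSN, USER, PASS);
      $stmt = $db->prepare("SELECT nadpis, text, login FROM posty, uzivatele WHERE posty.id_uzivatele = uzivatele.id_uzivatele");
      $stmt->execute([]);
      $tabulka = $stmt->fetchAll(PDO::FETCH_ASSOC);

      // The user with id 1 is treated as the administrator. The id is cast once
      // because the value read from the database may be a string.
      $isAdmin = isset($_SESSION["id_uzivatele"]) && (int) $_SESSION["id_uzivatele"] === 1;

      echo '<table>';
      foreach ($tabulka as $row) {
          echo "<tr>";
          foreach ($row as $value) {
              echo "<td><br />";
              // Title, text and login are user-supplied; escape them for the HTML
              // context so stored markup or script is displayed, not executed.
              echo htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "<br/>";
              echo "</td>";
          }
          // Strict comparison: with ==, numeric-looking logins such as "1e3" and
          // "1000" compare equal and one user would get the other's edit link.
          if ($_SESSION["login"] === $row["login"] || $isAdmin) {
              echo "<td><a href='editblogpostu.php'>Upravit</a></td>";
          }

          echo "</tr>";
      }
      echo '</table>';
  }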
  165.  
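  // Registration submission.
  if (isset($_POST["regist"])) {
      // A missing or non-string field (e.g. name[]=x) is treated as empty, so
      // trim(), the comparisons and the parameter binding below only see strings.
      $name = (isset($_POST["name"]) && is_string($_POST["name"])) ? $_POST["name"] : '';
      $pass1 = (isset($_POST["passreg"]) && is_string($_POST["passreg"])) ? $_POST["passreg"] : '';
      $pass2 = (isset($_POST["passreg2"]) && is_string($_POST["passreg2"])) ? $_POST["passreg2"] : '';

      if (trim($name) == '') {
          echo "Nevyplnil si pole Login" . "<br>";
      }
      if (trim($pass1) == '') {
          echo "Nevyplnil si pole Heslo" . "<br>";
      }
      if (trim($pass2) == '') {
          echo "Nevyplnil si pole Heslo znovu" . "<br>";
      }

      // checknameunique() returns true when the login already exists.
      $taken = $name !== '' && checknameunique();

      if ($taken) {
          echo "Zadané jméno je už použito";
      } elseif (trim($name) !== '' && $pass1 !== '' && $pass1 === $pass2) {
          $db = new PDO(DSN, USER, PASS);
          $stmt = $db->prepare("INSERT INTO uzivatele (login,passhash,pass)
  VALUES (:loginjmeno,:passhash, :passregist)");
          $stmt->execute([
              ":loginjmeno" => $name,
              // Hash the password that was actually submitted. The field is named
              // "passreg"; reading "passregist" hashed an undefined value, so the
              // stored hash did not correspond to the user's password.
              ":passhash" => password_hash($pass1, PASSWORD_DEFAULT),
              // NOTE(review): the password is also stored in plaintext because the
              // login check on this page reads the pass column. Move authentication
              // to password_verify() on passhash, then stop writing this column and
              // drop it.
              ":passregist" => $pass1,
          ]);
      }

      // NOTE(review): the page has already produced HTML here, so the redirect is
      // only sent when output buffering is on, and the messages echoed above are
      // lost when it is.
      header('Location:'.$_SERVER['PHP_SELF']);
      exit;
  }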
  196.  
  197. ?>
  198.  
  199. </form>
  200. </body>
  201.  
  202. </html>