<?phpinclude ('login.php');if (isset($_SESSION['login_user'])) {header("loca

1. <?php
2. include ('login.php');
3.  
4. if (isset($_SESSION['login_user'])) {
5. header("location: index.php");
6. }
7. ?>
8. <!DOCTYPE html>
9. <html>
10. <head>
11. <title>SV STAMA</title>
12. <meta charset="UTF-8"/>
13.  
14. <style type="text/css">
15. //my stylesheet
16. </style>
17. </head>
18. <body>
19. <div class="login-page">
20. <div class="form">
21. <form class="register-form">
22. <input type="text" placeholder="Voller Name" id="nameR" name="nameR"/>
23. <input type="text" placeholder="Benutzername" id="usernameR" name="usernameR"/>
24. <input type="text" placeholder="E-Mail" id="mailR" name="mailR"/>
25. <input type="password" placeholder="Passwort" id="passwordR" name="passwordR"/>
26. <input type="password" placeholder="Passwort wiederholen" id="passwordV" name="passwordV"/>
27. <input type="number" placeholder="Klasse" min="5" max="13" step="1" id="classR" name="classR"/>
28. <button name="register">Erstellen</button>
29. <p class="message">
30. Bereits registriert? <a href="#">Einloggen</a>
31. </p>
32. </form>
33. <form class="login-form" action="" method="post">
34. <input type="text" placeholder="Benutzername" id="name" name="username"/>
35. <input type="password" placeholder="Passwort" id="password" name="password"/>
36. <button name="submit">Login</button>
37. <p class="message">
38. Noch nicht registiert? <a href="#">Erstelle einen Account</a>
39. </p>
40. </form>
41. </div>
42. </div>
43. <script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/jquery.min.js"></script>
44. <script src="script.js"></script>
45. </body>
46.  
47. <?php
48. session_start();
49. $error = '';
50. if (isset($_POST['submit'])) {
51. if (empty($_POST['username']) || empty($_POST['password'])) {
52. $error = "Alle Felder ausfüllen!";
53. } else {
54. $username = $_POST['username'];
55. $password = $_POST['password'];
56. $connection = mysql_connect("localhost", "***", "***") or die('Fehler: ' . mysql_error());
57. $username = stripslashes($username);
58. $password = stripslashes($password);
59. $username = mysql_real_escape_string($username);
60. $password = mysql_real_escape_string($password);
61. $db = mysql_select_db("***") or die('Fehler: ' . mysql_error());
62. $query = mysql_query("SELECT * FROM Benutzer WHERE username='$username'", $connection) or die('Fehler: ' . mysql_error());
63. $rows = mysql_num_rows($query);
64. $row = mysql_fetch_row($query);
65.  
66. $pass = $row[4];
67.  
68. if ($rows == 1) {
69. if (password_verify($password, $pass)) {
70. $_SESSION['login_user'] = $username;
71. header("location: index.php");
72. }
73. } else {
74. $error = "Username or Password is invalid";
75. }
76. mysql_close($connection);
77. }
78. }else if (isset($_POST['register'])) {
79. if (empty($_POST['nameR']) || empty($_POST['usernameR']) || empty($_POST['mailR']) || empty($_POST['passwordR']) || empty($_POST['passwordV']) || empty($_POST['classR'])) {
80. $error = "Alle Felder ausfüllen!";
81. } else {
82. $nameR = $_POST['nameR'];
83. $usernameR = $_POST['usernameR'];
84. $mailR = $_POST['mailR'];
85. $passwordR = $_POST['passwordR'];
86. $passwordV = $_POST['passwordV'];
87. $classR = $_POST['classR'];
88.  
89. if ($passwordV == $passwordR) {
90. $connection = mysql_connect("localhost", "***", "***") or die('Fehler: ' . mysql_error());
91. $db = mysql_select_db("***") or die('Fehler: ' . mysql_error());
92. $query = mysql_query("SELECT * FROM Benutzer WHERE username='$usernameR'", $connection) or die('Fehler: ' . mysql_error());
93. $rows = mysql_num_rows($query);
94.  
95. if ($rows < 1) {
96. $error = "Benutzername bereits vergeben!";
97. } else {
98. $insert_query = mysql_query("INSERT INTO Benutzer (username, name, klasse, password, e_mail) VALUES ('$usernameR','$nameR','$classR','$passwordR','$mailR')") or die('Fehler: ' . mysql_error());
99. header("location:index.php");
100. }
101. } else {
102. $error = "Passwörter stimmen nicht überein!";
103. }
104. }
105. }
106. ?>