diff --git a/login.php b/login.php
index 0bc4d0e..aa62402 100644
--- a/login.php
+++ b/login.php
@@ -3,22 +3,22 @@ session_start();
 $pdo = new PDO('mysql:host=localhost;dbname=usertable', 'usertable', 'password');
 if(isset($_GET['login'])) {
- $email = $_POST['email'];
+ $username = $_POST['username'];
 $password = $_POST['password'];
- $statement = $pdo->prepare("SELECT * FROM users WHERE email = :email");
- $result = $statement->execute(array('email' => $email));
+ $statement = $pdo->prepare("SELECT * FROM users WHERE username = :username");
+ $result = $statement->execute(array('username' => $username));
 $user = $statement->fetch();
- //Überprüfung des Passworts
 if ($user !== false && password_verify($password, $user['password'])) {
 $_SESSION['userid'] = $user['id'];
 $_SESSION['email'] = $user['email'];
+ $_SESSION['username'] = $user['username'];
 $_SESSION['givenName'] = $user['givenName'];
 $_SESSION['lastName'] = $user['lastName'];
 die('successfull. go to: secure page');
 } else {
- $errorMessage = "somethings wrong (maybe wrong password or wrong email)
";
+ $errorMessage = "somethings wrong (maybe wrong password or wrong user)
";
 }
 }
@@ -37,8 +37,8 @@ if(isset($errorMessage)) {
 ?>
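Review bot: The success branch in login.php's first hunk never rotates the session ID, so the identity fields (now including `$_SESSION['username']`) are written into whatever session existed before authentication, which leaves the login exposed to session fixation. Add `session_regenerate_id(true);` as the first statement after the `password_verify()` check passes, before any `$_SESSION[...]` assignment. Separately, `$_POST['username']` and `$_POST['password']` are read whenever `login` is present in the query string, with no check that they exist or are strings; a guard such as `if (!is_string($_POST['username'] ?? null) || !is_string($_POST['password'] ?? null))` ahead of the query would reject malformed requests without raising warnings or type errors.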
-E-Mail:
-

+Your Username:
+

Your password:

diff --git a/register.php b/register.php
index 8530fd0..5261d9d 100644
--- a/register.php
+++ b/register.php
@@ -15,6 +15,7 @@ $showFormular = true;
 if(isset($_GET['register'])) {
 $error = false;
 $email = $_POST['email'];
+ $username = $_POST['username'];
 $givenName = $_POST['givenName'];
 $lastName = $_POST['lastName'];
 $password = $_POST['password'];
@@ -45,11 +46,22 @@ if(isset($_GET['register'])) {
 }
 }
+ if(!$error) {
+ $statement = $pdo->prepare("SELECT * FROM users WHERE username = :username");
+ $result = $statement->execute(array('username' => $username));
+ $user = $statement->fetch();
+
+ if($user !== false) {
+ echo 'already a user here
';
+ $error = true;
+ }
+ }
+
 if(!$error) {
 $password_hash = password_hash($password, PASSWORD_DEFAULT);
- $statement = $pdo->prepare("INSERT INTO users (email, givenName, lastName, password) VALUES (:email, :givenName, :lastName, :password)");
- $result = $statement->execute(array('email' => $email, 'givenName' => $givenName, 'lastName' => $lastName, 'password' => $password_hash));
+ $statement = $pdo->prepare("INSERT INTO users (email, username, givenName, lastName, password) VALUES (:email, :username, :givenName, :lastName, :password)");
+ $result = $statement->execute(array('email' => $email, 'username' => $username, 'givenName' => $givenName, 'lastName' => $lastName, 'password' => $password_hash));
 if($result) {
 echo 'successfull registered. Login';
@@ -66,12 +78,14 @@ if($showFormular) {
 E-Mail:
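Review bot: The uniqueness check added in register.php's second hunk is a SELECT followed by a separate INSERT, so two concurrent registrations with the same name can both pass it; the guarantee only holds if `users.username` carries a UNIQUE index, which this diff does not show. With that index in place the INSERT is the authority, and a failed `execute()` (or a caught `PDOException`, depending on the PDO error mode) should be reported the same way as the 'already a user here' case. The new `$username = $_POST['username'];` in the first hunk also reaches the lookup and the INSERT with no validation visible in either hunk, so an empty string or a name containing markup would be stored; a bound before the lookup, for example `if (!is_string($username) || !preg_match('/^[A-Za-z0-9_.-]{3,32}$/', $username)) { $error = true; }`, would close that. The `if(isset($_GET['register']))` block opens in the first hunk and the `if($result)` block closes outside the second.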


+Username:
+

Given Name:


Family Name:


Password:
-
+

Password (aganin):


diff --git a/secure.php b/secure.php
index 769ee86..c2d8d88 100644
--- a/secure.php
+++ b/secure.php
@@ -6,11 +6,12 @@ if(!isset($_SESSION['userid'])) {
 }
 $userid = $_SESSION['userid'];
+$username = $_SESSION['username'];
 $useremail = $_SESSION['email'];
 $usergn = $_SESSION['givenName'];
 $userln = $_SESSION['lastName'];
-echo "Hi ".$usergn;
+echo "Hi ".$username;
 echo "
";
 echo "Your User-ID is: ".$userid;
 echo "
";
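Review bot: `echo "Hi ".$username;` writes a value the user chose at registration straight into the HTML response, and register.php stores it as submitted, so any markup in a username would be rendered by the browser; encode at the point of output with `echo "Hi ".htmlspecialchars($username, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');`. Sessions created before this commit carry no `username` key, so `$username = $_SESSION['username'];` raises an undefined-index warning for them until the user logs in again; `$_SESSION['username'] ?? ''` or invalidating old sessions on deploy avoids that. The `if(!isset($_SESSION['userid']))` guard opens above the hunk.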