thies/loginpagefoo
Template
1
0
Fork 0
Code Issues 4 Pull Requests Actions Packages Projects Releases Wiki Activity

introducing usernames #11

Merged
td00 merged 4 commits from username into master 2021-01-08 15:04:37 +00:00
Conversation 0 Commits 4 Files Changed 3 +26 -11
3 changed files with 26 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
login.php
View File

@ -3,22 +3,22 @@ session_start();
$pdo = new PDO('mysql:host=localhost;dbname=usertable', 'usertable', 'password'); $pdo = new PDO('mysql:host=localhost;dbname=usertable', 'usertable', 'password');
if(isset($_GET['login'])) { if(isset($_GET['login'])) {
$email = $_POST['email']; $username = $_POST['username'];
$password = $_POST['password']; $password = $_POST['password'];
$statement = $pdo->prepare("SELECT * FROM users WHERE email = :email"); $statement = $pdo->prepare("SELECT * FROM users WHERE username = :username");
$result = $statement->execute(array('email' => $email)); $result = $statement->execute(array('username' => $username));
$user = $statement->fetch(); $user = $statement->fetch();
//Überprüfung des Passworts
if ($user !== false && password_verify($password, $user['password'])) { if ($user !== false && password_verify($password, $user['password'])) {
$_SESSION['userid'] = $user['id']; $_SESSION['userid'] = $user['id'];
$_SESSION['email'] = $user['email']; $_SESSION['email'] = $user['email'];
$_SESSION['username'] = $user['username'];
$_SESSION['givenName'] = $user['givenName']; $_SESSION['givenName'] = $user['givenName'];
$_SESSION['lastName'] = $user['lastName']; $_SESSION['lastName'] = $user['lastName'];
die('successfull. go to: <a href="secure.php">secure page</a>'); die('successfull. go to: <a href="secure.php">secure page</a>');
} else { } else {
$errorMessage = "somethings wrong (maybe wrong password or wrong email)<br>"; $errorMessage = "somethings wrong (maybe wrong password or wrong user)<br>";
} }
} }
@ -37,8 +37,8 @@ if(isset($errorMessage)) {
?> ?>
<form action="?login=1" method="post"> <form action="?login=1" method="post">
E-Mail:<br> Your Username:<br>
<input type="email" size="40" maxlength="250" name="email"><br><br> <input type="text" size="40" maxlength="250" name="username"><br><br>
Your password:<br> Your password:<br>
<input type="password" size="40" name="password"><br> <input type="password" size="40" name="password"><br>

20
register.php
View File

@ -15,6 +15,7 @@ $showFormular = true;
if(isset($_GET['register'])) { if(isset($_GET['register'])) {
$error = false; $error = false;
$email = $_POST['email']; $email = $_POST['email'];
$username = $_POST['username'];
$givenName = $_POST['givenName']; $givenName = $_POST['givenName'];
$lastName = $_POST['lastName']; $lastName = $_POST['lastName'];
$password = $_POST['password']; $password = $_POST['password'];
@ -45,11 +46,22 @@ if(isset($_GET['register'])) {
} }
} }
if(!$error) {
$statement = $pdo->prepare("SELECT * FROM users WHERE username = :username");
$result = $statement->execute(array('username' => $username));
$user = $statement->fetch();
if($user !== false) {
echo 'already a user here<br>';
$error = true;
}
}
if(!$error) { if(!$error) {
$password_hash = password_hash($password, PASSWORD_DEFAULT); $password_hash = password_hash($password, PASSWORD_DEFAULT);
$statement = $pdo->prepare("INSERT INTO users (email, givenName, lastName, password) VALUES (:email, :givenName, :lastName, :password)"); $statement = $pdo->prepare("INSERT INTO users (email, username, givenName, lastName, password) VALUES (:email, :username, :givenName, :lastName, :password)");
$result = $statement->execute(array('email' => $email, 'givenName' => $givenName, 'lastName' => $lastName, 'password' => $password_hash)); $result = $statement->execute(array('email' => $email, 'username' => $username, 'givenName' => $givenName, 'lastName' => $lastName, 'password' => $password_hash));
if($result) { if($result) {
echo 'successfull registered. <a href="login.php">Login</a>'; echo 'successfull registered. <a href="login.php">Login</a>';
@ -66,12 +78,14 @@ if($showFormular) {
<form action="?register=1" method="post"> <form action="?register=1" method="post">
E-Mail:<br> E-Mail:<br>
<input type="email" size="40" maxlength="250" name="email"><br><br> <input type="email" size="40" maxlength="250" name="email"><br><br>
Username:<br>
<input type="text" size="40" name="username"><br><br>
Given Name:<br> Given Name:<br>
<input type="text" size="40" name="givenName"><br><br> <input type="text" size="40" name="givenName"><br><br>
Family Name:<br> Family Name:<br>
<input type="text" size="40" name="lastName"><br><br> <input type="text" size="40" name="lastName"><br><br>
Password:<br> Password:<br>
<input type="password" size="40" name="password"><br> <input type="password" size="40" name="password"><br><br>
Password (aganin):<br> Password (aganin):<br>
<input type="password" size="40" name="password_confirm"><br><br> <input type="password" size="40" name="password_confirm"><br><br>

3
secure.php
View File

@ -6,11 +6,12 @@ if(!isset($_SESSION['userid'])) {
} }
$userid = $_SESSION['userid']; $userid = $_SESSION['userid'];
$username = $_SESSION['username'];
$useremail = $_SESSION['email']; $useremail = $_SESSION['email'];
$usergn = $_SESSION['givenName']; $usergn = $_SESSION['givenName'];
$userln = $_SESSION['lastName']; $userln = $_SESSION['lastName'];
echo "Hi ".$usergn; echo "Hi ".$username;
echo "<br/>"; echo "<br/>";
echo "Your User-ID is: ".$userid; echo "Your User-ID is: ".$userid;
echo "<br/>"; echo "<br/>";