46 lines
1.1 KiB
PHP
46 lines
1.1 KiB
PHP
<?php
|
|
session_start();
|
|
$pdo = new PDO('mysql:host=localhost;dbname=usertable', 'root', '');
|
|
|
|
if(isset($_GET['login'])) {
|
|
$email = $_POST['email'];
|
|
$passwort = $_POST['passwort'];
|
|
|
|
$statement = $pdo->prepare("SELECT * FROM users WHERE email = :email");
|
|
$result = $statement->execute(array('email' => $email));
|
|
$user = $statement->fetch();
|
|
|
|
//Überprüfung des Passworts
|
|
if ($user !== false && password_verify($passwort, $user['passwort'])) {
|
|
$_SESSION['userid'] = $user['id'];
|
|
die('successfull. go to: <a href="secure.php">secure page</a>');
|
|
} else {
|
|
$errorMessage = "somethings wrong (maybe wrong password or wrong email)<br>";
|
|
}
|
|
|
|
}
|
|
?>
|
|
<!DOCTYPE html>
|
|
<html>
|
|
<head>
|
|
<title>Login</title>
|
|
</head>
|
|
<body>
|
|
|
|
<?php
|
|
if(isset($errorMessage)) {
|
|
echo $errorMessage;
|
|
}
|
|
?>
|
|
|
|
<form action="?login=1" method="post">
|
|
E-Mail:<br>
|
|
<input type="email" size="40" maxlength="250" name="email"><br><br>
|
|
|
|
Dein Passwort:<br>
|
|
<input type="password" size="40" name="passwort"><br>
|
|
|
|
<input type="submit" value="GO">
|
|
</form>
|
|
</body>
|
|
</html>
|