61ede4c325
All checks were successful
Docker Build & Push / build-and-push (push) Successful in 1m36s
61 lines
3.3 KiB
PHP
61 lines
3.3 KiB
PHP
<?php
|
|
session_start();
|
|
if(isset($_SESSION["loggedin"]) && $_SESSION["loggedin"] === true){ header("location: index.php"); exit; }
|
|
require_once "includes/db_connect.php";
|
|
$username = $password = ""; $login_err = "";
|
|
if($_SERVER["REQUEST_METHOD"] == "POST"){
|
|
if(empty(trim($_POST["username"]))){ $login_err = "Bitte geben Sie einen Benutzernamen ein."; } else{ $username = trim($_POST["username"]); }
|
|
if(empty(trim($_POST["password"]))){ $login_err = "Bitte geben Sie ein Passwort ein."; } else{ $password = trim($_POST["password"]); }
|
|
if(empty($login_err)){
|
|
$sql = "SELECT id, username, password_hash FROM users WHERE username = ?";
|
|
if($stmt = $mysqli->prepare($sql)){
|
|
$stmt->bind_param("s", $param_username);
|
|
$param_username = $username;
|
|
if($stmt->execute()){
|
|
$stmt->store_result();
|
|
if($stmt->num_rows == 1){
|
|
$stmt->bind_result($id, $username, $hashed_password);
|
|
if($stmt->fetch()){
|
|
if(password_verify($password, $hashed_password)){
|
|
session_start();
|
|
$_SESSION["loggedin"] = true;
|
|
$_SESSION["user_id"] = $id;
|
|
$_SESSION["username"] = $username;
|
|
header("location: index.php");
|
|
} else{ $login_err = "Ungültiger Benutzername oder Passwort."; }
|
|
}
|
|
} else{ $login_err = "Ungültiger Benutzername oder Passwort."; }
|
|
} else{ $login_err = "Oops! Etwas ist schief gelaufen."; }
|
|
$stmt->close();
|
|
}
|
|
}
|
|
$mysqli->close();
|
|
}
|
|
define('APP_VERSION', '8.3.0');
|
|
?>
|
|
<!DOCTYPE html>
|
|
<html lang="de">
|
|
<head>
|
|
<meta charset="UTF-8">
|
|
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
|
<title>Login - Cazubu</title>
|
|
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css" rel="stylesheet">
|
|
<link rel="stylesheet" href="css/style.css?v=<?php echo APP_VERSION; ?>">
|
|
</head>
|
|
<body>
|
|
<div class="auth-container">
|
|
<div class="auth-form-wrapper">
|
|
<div class="text-center mb-4"><img src="logo.png" alt="Cazubu Logo" style="max-width: 120px;"><h2 class="mt-2">Cazubu Login</h2></div>
|
|
<?php if(!empty($login_err)){ echo '<div class="alert alert-danger">' . htmlspecialchars($login_err) . '</div>'; } ?>
|
|
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="post">
|
|
<div class="mb-3"><label for="username" class="form-label">Benutzername</label><input type="text" name="username" id="username" class="form-control" value="<?php echo htmlspecialchars($username); ?>" required></div>
|
|
<div class="mb-3"><label for="password" class="form-label">Passwort</label><input type="password" name="password" id="password" class="form-control" required></div>
|
|
<div class="d-grid"><button type="submit" class="btn btn-primary">Anmelden</button></div>
|
|
<p class="text-center mt-3">Noch kein Konto? <a href="register.php">Jetzt registrieren</a></p>
|
|
</form>
|
|
</div>
|
|
</div>
|
|
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/bootstrap.bundle.min.js"></script>
|
|
</body>
|
|
</html>
|