packliste/login.php

<?php
// login.php - Seite zur Benutzeranmeldung
// KORREKTUR: Design an das der Registrierungsseite angepasst.

$page_title = "Anmeldung";
if (session_status() == PHP_SESSION_NONE) {
    session_start();
}

if (isset($_SESSION['user_id'])) {
    header("Location: index.php");
    exit;
}

require_once 'db_connect.php';
$message = '';

if ($_SERVER["REQUEST_METHOD"] == "POST") {
    $username = trim($_POST['username']);
    $password = trim($_POST['password']);

    if (empty($username) || empty($password)) {
        $message = '<div class="alert alert-danger" role="alert">Bitte füllen Sie beide Felder aus.</div>';
    } else {
        $stmt = $conn->prepare("SELECT id, username, password FROM users WHERE username = ?");
        $stmt->bind_param("s", $username);
        $stmt->execute();
        $result = $stmt->get_result();

        if ($result->num_rows == 1) {
            $user = $result->fetch_assoc();
            
            if (password_verify($password, $user['password'])) {
                $_SESSION['user_id'] = $user['id'];
                $_SESSION['username'] = $user['username'];

                $stmt_settings = $conn->prepare("SELECT setting_key, setting_value FROM user_settings WHERE user_id = ?");
                $stmt_settings->bind_param("i", $user['id']);
                $stmt_settings->execute();
                $result_settings = $stmt_settings->get_result();
                
                while ($setting = $result_settings->fetch_assoc()) {
                    $_SESSION[$setting['setting_key']] = $setting['setting_value'];
                }
                $stmt_settings->close();

                header("Location: index.php");
                exit;
            } else {
                $message = '<div class="alert alert-danger" role="alert">Ungültiger Benutzername oder Passwort.</div>';
            }
        } else {
            $message = '<div class="alert alert-danger" role="alert">Ungültiger Benutzername oder Passwort.</div>';
        }
        $stmt->close();
    }
}
$conn->close();
?>
<!DOCTYPE html>
<html lang="de">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Anmeldung - Trekking Packliste</title>
    <link rel="preconnect" href="https://fonts.googleapis.com">
    <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
    <link href="https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@400;600;700&display=swap" rel="stylesheet">
    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css" rel="stylesheet" crossorigin="anonymous">
    <link href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css" rel="stylesheet">
    <link rel="stylesheet" href="assets/css/style.css">
</head>
<body>
    <div class="auth-wrapper">
        <div class="auth-container">
            <div class="auth-header">
                <img src="./logo.png" alt="Trekking Packliste Logo" class="auth-logo">
                <h2>Anmeldung</h2>
            </div>
            <div class="auth-body">
                <?php if(!empty($message)) echo $message; ?>
                <form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="post">
                    <div class="mb-3">
                        <label for="username" class="form-label">Benutzername</label>
                        <input type="text" class="form-control" id="username" name="username" required>
                    </div>
                    <div class="mb-3">
                        <label for="password" class="form-label">Passwort</label>
                        <input type="password" class="form-control" id="password" name="password" required>
                    </div>
                    <button type="submit" class="btn btn-primary w-100 mt-3">Anmelden</button>
                </form>
                <div class="text-center mt-4">
                    <span class="text-muted">Noch nicht registriert?</span> <a href="register.php" class="fw-bold text-decoration-none" style="color: var(--color-primary);">Jetzt registrieren</a>
                </div>
            </div>
        </div>
    </div>
    <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/bootstrap.bundle.min.js" crossorigin="anonymous"></script>
</body>
</html>