Zum Einloggen wird ein Formular benötigt.
das formular
- <! DOCTYPE html>
- <html lang = " de "> <head>
- <meta charset = " UTF-8 ">
- <meta name = " viewport " content = " width = device-width , initial-scale = 1 . 0 ">
- <title> Login Formular </title>
- <meta name = " dcterms.rights " content = " locomputing ">
- <meta name = " description " content = " Beschreibung der Website ">
- <meta name = " keywords " content = " Keywords ">
- <link rel = " stylesheet " href = " https : / / locomputing . de / mustercss / formular_style . css ">
- </head>
- <body>
- <h4> Login-Formular </h4>
- <p> Bitte geben Sie Ihre Daten ein. </p>
- <fieldset>
- <form method = "post">
- <div class = "form-face">
- <label for = "name"> Username: <span> * </span> </label>
- <span class = "fehler"> <?php echo $username_err ; ?> </span>
- <input pattern = " . { 5 , 25 } " required = "required" placeholder = " Username " title = " Username eingeben! " type = "text" id = "username" name = "username" maxlength = "32" class = "form-control">
- </div>
- <div class = "form-face">
- <label for = "passwort"> Passwort: <span> * </span> </label>
- <span class = "fehler"> <?php echo $password_err ; ?> </span>
- <input pattern = " . { 8 , 40 } " required = "required" placeholder = " Passwort " title = " Passwort eingeben! " type = "password" id = "passwort" name = "passwort" maxlength = "42" class = "form-control">
- </div>
- <div class = "form-face">
- <label> <span> * </span> Felder sind Pflicht! </label>
- <input type = "submit" class = "butt button-blue" name = "loggen" value = " Login ">
- <input class = "butt button-red" type = "reset" value = " Reset ">
- </div>
- </form>
- </fieldset>
- <p>Noch kein Account vorhanden? <a href = "register.php"> Jetzt registrieren </a> </p>
- <p>Account schon Freigeschaltet? <a href = "freischalten.php"> Jetzt freischalten </a> </p>
- <p> Passwort vergessen? <a href = "pwforget.php"> Passwort holen </a> </p>
- </body>
- </html>
die login.php
<?php
- // Datenbank verbindung einfügen
- if ( file_exists ( ' db_conect.php ' ) = = true ) { require ( ' db_conect.php ' ) ; }
- // Sitzung starten
- session_start ( ) ;
- // Prüfen ob User eingeloggt ist oder nicht
- if ( isset ( $_SESSION [ " loggedin " ] ) & & $_SESSION [ " loggedin " ] = = = true )
- {
- header ( "Location : welcome.php" ) ; exit ( ) ;
- }
- // Variablen definieren und auf leere Werte setzen
- $username = $password = " " ;
- $username_err = $password_err = " " ;
- // Formulardaten werden verarbeitet, wenn das Formular gesendet wird
- if ( isset ( $_POST [ ' loggen ' ] ) & & $_POST [ ' loggen ' ] = = 'Login' )
- {
- // POST für Username prüfen
- $postusername = isset ( $_POST [ ' username ' ] ) ? $_POST [ ' username ' ] : " " ;
- if ( empty ( $postusername ) )
- {
- $username_err = ' Feld Username ist leer ! ' ;
- }
- elseif ( ( strlen ( trim ( $postusername ) ) < 5 ) | | ( strlen ( trim ( $postusername ) ) ) > 30 )
- {
- $username_err = ' Falscher Username ! ' ;
- }
- else
- {
- $username = trim ( htmlspecialchars ( $postusername ) ) ;
- if ( ! preg_match ( " / ^ [ A - Z ] + [ a - z A - Z 0 - 9 - _ ' ] * $ / " , $username ) )
- {
- $username_err = ' Username nicht korrekt ! ' ;
- }
- if ( $username = = = false )
- {
- $username_err = ' Dies ist kein Username ! ' ;
- }
- }
- // POST für Passwort prüfen
- $postpass = isset ( $_POST [ ' passwort ' ] ) ? $_POST [ ' passwort ' ] : " " ;
- if ( empty ( $postpass ) )
- {
- $password_err = ' Feld Passwort ist leer ! ' ;
- }
- elseif ( ( strlen ( trim ( $postpass ) ) < 12 ) | | ( strlen ( trim ( $postpass ) ) ) > 40 )
- {
- $password_err = ' Passwort nicht korrekt ! ';
- }
- else
- {
- $password = trim ( htmlspecialchars ( $postpass ) ) ;
- if ( ! preg_match ( " / [ ^ a - z A - Z 0 - 9 ] / " , $password ) )
- {
- $password_err = ' Passwort Fehler ! ' ;
- }
- if ( $password = = = false )
- {
- $password_err = ' Dies ist kein Passwort ! ' ;
- }
- }
- // Keine Fehler Formular Inhalt ausführen
- if ( empty ( $username_err ) & & empty ( $password_err ) )
- {
- $sql = " SELECT id , username , userpass FROM usertable WHERE username = ? and active = ? and block = ? " ;
- if ( $stmt = $sqli -> prepare ( $sql ) )
- {
- $stmt -> bind_param ( " s i i " , $param_username , $param_aktiv , $param_block ) ;
- $param_username = $username ;
- $param_aktiv = 1 ;
- $param_block = 0 ;
- if ( $stmt -> execute ( ) )
- {
- $stmt -> store_result ( ) ;
- if ( $stmt -> num_rows = = 1 )
- {
- $stmt -> bind_result ( $id , $username , $hashed_password ) ;
- if ( $stmt -> fetch ( ) )
- {
- if ( password_verify ( $password , $hashed_password ) )
- {
- session_start ( ) ;
- $_SESSION [ " loggedin " ] = true ;
- $_SESSION [ " id " ] = $id;
- $_SESSION [ " username " ] = $username ;
- header ( " location : welcome.php " ) ;
- }
- else
- {
- $password_err = " Falsches Passwort ! " ;
- }
- }
- }
- else
- {
- $username_err = " Account Freigeschaltet ? " ;
- }
- }
- else
- {
- echo " ERROR Bitte nochmals versuchen ! " ;
- }
- }
- $stmt -> close ( ) ;
- }
- $connect -> close ( ) ;
- }
- // Keine Fehler Formular Inhalt ausführen
- if ( empty ( $username_err ) & & empty ( $password_err ) )
- {
- $sql = " SELECT id , username , userpass FROM usertable WHERE username = ? and active = ? and block = ? " ;
- if ( $stmt = $pdo -> prepare ( $sql ) )
- {
- $param_username = $username ;
- $param_aktiv = 1 ;
- $param_block = 0 ;
- if ( $stmt -> execute ( array ( $param_username , $param_aktiv , $param_block ) ) )
- {
- if ( $stmt -> rowCount ( ) = = 1 )
- {
- if ( $rows = $stmt -> fetch ( PDO : : FETCH_ASSOC ) )
- {
- $id = $rows [ " id " ] ;
- $username = $rows [ " username " ] ;
- $hashed_password = $rows [ " userpass " ] ;
- if ( password_verify ( $password , $hashed_password ) )
- {
- session_start ( ) ;
- $_SESSION [ " loggedin " ] = true ;
- $_SESSION [ " id " ] = $id;
- $_SESSION [ " username " ] = $username ;
- header ( " location : welcome.php " ) ;
- }
- else
- {
- $password_err = " Falsches Passwort ! " ;
- }
- }
- }
- else
- {
- $username_err = " Account Freigeschaltet ? " ;
- }
- }
- else
- {
- echo " ERROR Bitte nochmals versuchen ! " ;
- }
- }
- $pdo = NULL ;
- }
- } ?>
Hier wird das formular eingefügt.