locomputing
Einloggen
Zum Einloggen wird ein Formular benötigt.
das formular
  • <! DOCTYPE html>
  • <html lang = " de "> <head>
  • <meta charset = " UTF-8 ">
  • <meta name = " viewport " content = " width = device-width , initial-scale = 1 . 0 ">
  • <title> Login Formular </title>
  • <meta name = " dcterms.rights " content = " locomputing ">
  • <meta name = " description " content = " Beschreibung der Website ">
  • <meta name = " keywords " content = " Keywords ">
  • <link rel = " stylesheet " href = " https : / / locomputing . de / mustercss / formular_style . css ">

  • </head>
  • <body>

  • <h4> Login-Formular </h4>
  • <p> Bitte geben Sie Ihre Daten ein. </p>

  • <fieldset>
  1. <form method = "post">

  2. <div class = "form-face">
  3. <label for = "name"> Username: <span> * </span> </label>
  4. <span class = "fehler"> <?php echo $username_err ; ?> </span>
  5. <input pattern = " . { 5 , 25 } " required = "required" placeholder = " Username " title = " Username eingeben! " type = "text" id = "username" name = "username" maxlength = "32" class = "form-control">
  6. </div>

  7. <div class = "form-face">
  8. <label for = "passwort"> Passwort: <span> * </span> </label>
  9. <span class = "fehler"> <?php echo $password_err ; ?> </span>
  10. <input pattern = " . { 8 , 40 } " required = "required" placeholder = " Passwort " title = " Passwort eingeben! " type = "password" id = "passwort" name = "passwort" maxlength = "42" class = "form-control">
  11. </div>

  12. <div class = "form-face">
  13. <label> <span> * </span> Felder sind Pflicht! </label>
  14. <input type = "submit" class = "butt button-blue" name = "loggen" value = " Login ">
  15. <input class = "butt button-red" type = "reset" value = " Reset ">
  16. </div>

  17. </form>
  • </fieldset>

  • <p>Noch kein Account vorhanden? <a href = "register.php"> Jetzt registrieren </a> </p>
  • <p>Account schon Freigeschaltet? <a href = "freischalten.php"> Jetzt freischalten </a> </p>
  • <p> Passwort vergessen? <a href = "pwforget.php"> Passwort holen </a> </p>

  • </body>
  • </html>
die login.php
<?php
  • // Datenbank verbindung einfügen
    if ( file_exists ( ' db_conect.php ' ) = = true ) { require ( ' db_conect.php ' ) ; }

    • // Sitzung starten
  1. session_start ( ) ;

    • // Prüfen ob User eingeloggt ist oder nicht
  2. if ( isset ( $_SESSION [ " loggedin " ] ) & & $_SESSION [ " loggedin " ] = = = true )
  3. {
  4. header ( "Location : welcome.php" ) ; exit ( ) ;
  5. }

    • // Variablen definieren und auf leere Werte setzen
  6. $username = $password = " " ;
  7. $username_err = $password_err = " " ;

    • // Formulardaten werden verarbeitet, wenn das Formular gesendet wird
  8. if ( isset ( $_POST [ ' loggen ' ] ) & & $_POST [ ' loggen ' ] = = 'Login' )
  9. {

    • // POST für Username prüfen
  10. $postusername = isset ( $_POST [ ' username ' ] ) ? $_POST [ ' username ' ] : " " ;
  11. if ( empty ( $postusername ) )
  12. {
  13. $username_err = ' Feld Username ist leer ! ' ;
  14. }
  15. elseif ( ( strlen ( trim ( $postusername ) ) < 5 ) | | ( strlen ( trim ( $postusername ) ) ) > 30 )
  16. {
  17. $username_err = ' Falscher Username ! ' ;
  18. }
  19. else
  20. {
  21. $username = trim ( htmlspecialchars ( $postusername ) ) ;
  22. if ( ! preg_match ( " / ^ [ A - Z ] + [ a - z A - Z 0 - 9 - _ ' ] * $ / " , $username ) )
  23. {
  24. $username_err = ' Username nicht korrekt ! ' ;
  25. }
  26. if ( $username = = = false )
  27. {
  28. $username_err = ' Dies ist kein Username ! ' ;
  29. }
  30. }

    • // POST für Passwort prüfen
  31. $postpass = isset ( $_POST [ ' passwort ' ] ) ? $_POST [ ' passwort ' ] : " " ;
  32. if ( empty ( $postpass ) )
  33. {
  34. $password_err = ' Feld Passwort ist leer ! ' ;
  35. }
  36. elseif ( ( strlen ( trim ( $postpass ) ) < 12 ) | | ( strlen ( trim ( $postpass ) ) ) > 40 )
  37. {
  38. $password_err = ' Passwort nicht korrekt ! ';
  39. }
  40. else
  41. {
  42. $password = trim ( htmlspecialchars ( $postpass ) ) ;
  43. if ( ! preg_match ( " / [ ^ a - z A - Z 0 - 9 ] / " , $password ) )
  44. {
  45. $password_err = ' Passwort Fehler ! ' ;
  46. }
  47. if ( $password = = = false )
  48. {
  49. $password_err = ' Dies ist kein Passwort ! ' ;
  50. }
  51. }




    • // Keine Fehler Formular Inhalt ausführen
  52. if ( empty ( $username_err ) & & empty ( $password_err ) )
  53. {
  54. $sql = " SELECT id , username , userpass FROM usertable WHERE username = ? and active = ? and block = ? " ;
  55. if ( $stmt = $sqli -> prepare ( $sql ) )
  56. {
  57. $stmt -> bind_param ( " s i i " , $param_username , $param_aktiv , $param_block ) ;
  58. $param_username = $username ;
  59. $param_aktiv = 1 ;
  60. $param_block = 0 ;
  61. if ( $stmt -> execute ( ) )
  62. {
  63. $stmt -> store_result ( ) ;
  64. if ( $stmt -> num_rows = = 1 )
  65. {
  66. $stmt -> bind_result ( $id , $username , $hashed_password ) ;
  67. if ( $stmt -> fetch ( ) )
  68. {
  69. if ( password_verify ( $password , $hashed_password ) )
  70. {
  71. session_start ( ) ;
  72. $_SESSION [ " loggedin " ] = true ;
  73. $_SESSION [ " id " ] = $id;
  74. $_SESSION [ " username " ] = $username ;
  75. header ( " location : welcome.php " ) ;
  76. }
  77. else
  78. {
  79. $password_err = " Falsches Passwort ! " ;
  80. }
  81. }
  82. }
  83. else
  84. {
  85. $username_err = " Account Freigeschaltet ? " ;
  86. }
  87. }
  88. else
  89. {
  90. echo " ERROR Bitte nochmals versuchen ! " ;
  91. }
  92. }
  93. $stmt -> close ( ) ;
  94. }
  95. $connect -> close ( ) ;
  96. }


    • // Keine Fehler Formular Inhalt ausführen
  97. if ( empty ( $username_err ) & & empty ( $password_err ) )
  98. {
  99. $sql = " SELECT id , username , userpass FROM usertable WHERE username = ? and active = ? and block = ? " ;
  100. if ( $stmt = $pdo -> prepare ( $sql ) )
  101. {
  102. $param_username = $username ;
  103. $param_aktiv = 1 ;
  104. $param_block = 0 ;
  105. if ( $stmt -> execute ( array ( $param_username , $param_aktiv , $param_block ) ) )
  106. {
  107. if ( $stmt -> rowCount ( ) = = 1 )
  108. {
  109. if ( $rows = $stmt -> fetch ( PDO : : FETCH_ASSOC ) )
  110. {
  111. $id = $rows [ " id " ] ;
  112. $username = $rows [ " username " ] ;
  113. $hashed_password = $rows [ " userpass " ] ;
  114. if ( password_verify ( $password , $hashed_password ) )
  115. {
  116. session_start ( ) ;
  117. $_SESSION [ " loggedin " ] = true ;
  118. $_SESSION [ " id " ] = $id;
  119. $_SESSION [ " username " ] = $username ;
  120. header ( " location : welcome.php " ) ;
  121. }
  122. else
  123. {
  124. $password_err = " Falsches Passwort ! " ;
  125. }
  126. }
  127. }
  128. else
  129. {
  130. $username_err = " Account Freigeschaltet ? " ;
  131. }
  132. }
  133. else
  134. {
  135. echo " ERROR Bitte nochmals versuchen ! " ;
  136. }
  137. }
  138. $pdo = NULL ;
  139. }
  140. }
?>
 Hier wird das formular eingefügt.