FSST/Geizkragen
1
0
Fork 0
Code Issues 8 Pull Requests Actions Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/main'

Browse Source
This commit is contained in:
pauli 2026-01-22 21:53:38 +01:00
commit d887011dca
2 changed files with 82 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

84
login.php
View File

@ -1,30 +1,84 @@
<?php <?php
// login.php
ini_set('display_errors', 1); ini_set('display_errors', 1);
ini_set('display_startup_errors', 1); ini_set('display_startup_errors', 1);
error_reporting(E_ALL); ?> error_reporting(E_ALL);
session_start();
<?php include 'header.php'; ?> // 1) DB-Verbindung (einmal)
<?php
$servername = "localhost"; $servername = "localhost";
$port = 13306; $port = 3306;
$username = "FSST"; $username = "FSST";
$password = "L9wUNZZ9Qkbt"; $password = "L9wUNZZ9Qkbt";
$db = "FSST"; $db = "FSST";
// Verbindung aufbauen $conn = mysqli_connect($servername, $username, $password, $db, $port);
$conn = mysqli_connect($servername, $username, $password, $db); if (!$conn) {
http_response_code(500);
if (!$conn) die("Datenbankfehler");
{ }
die("Datenbankfehler"); // kein Echo/Debug im Produktivcode
echo "Fehler"; // 2) POST-Verarbeitung VOR jeglicher Ausgabe
$loginError = null;
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$uname = isset($_POST['uname']) ? $_POST['uname'] : '';
$pw = isset($_POST['pw']) ? $_POST['pw'] : '';
// Basic Validierung
if ($uname === '' || $pw === '') {
$loginError = "Bitte Username und Passwort eingeben.";
} else {
// Login ist SELECT, nicht INSERT
$stmt = mysqli_prepare($conn, "SELECT id, pw FROM user WHERE un = ?");
mysqli_stmt_bind_param($stmt, "s", $uname);
mysqli_stmt_execute($stmt);
$result = mysqli_stmt_get_result($stmt);
$user = $result ? mysqli_fetch_assoc($result) : null;
// Falls du Passwörter gehasht speicherst: password_verify($pw, $user['pw'])
// Wenn aktuell Klartext (nicht empfohlen): $pw === $user['pw']
if ($user && $pw === $user['pw']) {
$_SESSION['user_id'] = (int)$user['id'];
$_SESSION['username'] = $uname;
mysqli_close($conn);
header("Location: index.php");
exit;
}
$loginError = "Ungültige Zugangsdaten.";
} }
else {
echo "erfolgreich";
} }
?> ?>
<?php include 'header.php'; ?>
<?php include 'footer.php'; ?> <!DOCTYPE html>
<html>
<body>
<h2>Geizhals Login</h2>
<?php if ($loginError): ?>
<p><?php echo htmlspecialchars($loginError, ENT_QUOTES, 'UTF-8'); ?></p>
<?php endif; ?>
<form action="login.php" method="POST">
<label for="uname">Username:</label>
<input type="text" id="uname" name="uname"><br>
<label for="pw">Password:</label>
<input type="password" id="pw" name="pw"><br><br>
<input type="submit" value="Login">
</form>
<p><a href="register.html">Register</a></p>
</body>
</html>
<?php
mysqli_close($conn);
include 'footer.php';
?>

13
other/login.html Normal file
View File

@ -0,0 +1,13 @@
<html>
<body>
<h2>TestProjekt-Login</h2>
<form action="login.php" method="POST">
<label for="fname">Username:</label>
<input type="text" id="uname" name="uname"><br>
<label for="lname">Password:</label>
<input type="text" id="pw" name="pw"><br><br>
<input type="submit" value="Login">
</form>
<p><a href="register.html">Register</a></p>
</body>
</html>