Hello, I am currently trying my hand at a login script. It works (except for logout.php), and I would now like to know what can be improved or what I did wrong:
login.php
index.php
On hidden pages I would always add
Or can one work with functions here?
login.php
PHP code:
<form role="form" method="post" class="form-signin">
    <h2 class="form-signin-heading">Login</h2>
    <div class="form-group">
        <label for="username" class="sr-only">Username</label>
        <input class="form-control" type="text" id="username" name="username" placeholder="Username" required autofocus>
    </div>
    <div class="form-group">
        <label for="password" class="sr-only">Password</label>
        <input class="form-control" type="password" id="password" name="password" placeholder="Password" required>
    </div>
    <div class="form-group">
        <button class="btn btn-lg btn-primary btn-block" name="login"><span class="glyphicon glyphicon glyphicon-log-in"></span></button>
    </div>
</form>
<?php
session_start();
include('../include/config.php');
include('include/header.php');
if (isset($_POST['login'])) {
    try {
        $stmt = $dbh->prepare("SELECT username, password FROM users WHERE username = :username AND password = :password");
        $stmt->bindParam(':username', htmlspecialchars($_POST['username']));
        $stmt->bindParam(':password', htmlspecialchars(md5($_POST['password'])));
        $stmt->execute();
        $user_id = $stmt->fetchColumn();
        if ($user_id == true) {
            $_SESSION['user_id'] = $user_id;
            header("Location: index.php");
        }
    } catch (PDOException $e) {
        $e->getMessage();
    }
}
if (isset($_SESSION['user_id'])) {
    header("Location: index.php");
}
include('include/footer.php');
PHP code:
<?php
session_start();
include '../include/config.php';
include 'include/header.php';
if (!isset($_SESSION['user_id'])) {
    header("Location: login.php");
}
?>
<h2>Herzlich Willkommen <a class="btn btn-info" href="logout.php" name="logout"><span class="glyphicon glyphicon glyphicon-log-out"></span></a></h2>
<?php
include 'include/footer.php';
PHP code:
if (!isset($_SESSION['user_id'])) {
    header("Location: login.php");
}
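A hardened form of the login check and the per-page guard from the post, as an added example that is not part of the original post. It assumes a `users` table with `id`, `username` and `password_hash` columns; the function names `verify_login`, `start_user_session` and `require_login` are hypothetical, and an in-memory SQLite database with a constructed user stands in for the post's `$dbh`.

```php
<?php
declare(strict_types=1);

// Returns the user's id on success, null on failure. Assumes a users table
// with id, username and password_hash columns (assumed schema, not the post's).
function verify_login(PDO $dbh, string $username, string $password): ?int
{
    $stmt = $dbh->prepare('SELECT id, password_hash FROM users WHERE username = :username');
    $stmt->execute([':username' => $username]); // raw value; htmlspecialchars() is for HTML output, not SQL
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    // password_verify() checks against the salted hash created by password_hash(),
    // replacing the unsalted md5() comparison inside the SQL query.
    if ($row === false || !password_verify($password, $row['password_hash'])) {
        return null;
    }
    return (int) $row['id'];
}

// Call after a successful verify_login(), with the session already started.
function start_user_session(int $userId): void
{
    session_regenerate_id(true); // fresh session id on login prevents session fixation
    $_SESSION['user_id'] = $userId;
}

// Call at the top of every protected page, before any output is sent.
function require_login(): void
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    if (!isset($_SESSION['user_id'])) {
        header('Location: login.php');
        exit; // without exit the rest of the protected page still runs and is sent
    }
}

// Constructed demo data, run from the command line only.
if (PHP_SAPI === 'cli') {
    $dbh = new PDO('sqlite::memory:');
    $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $dbh->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT UNIQUE, password_hash TEXT)');
    $ins = $dbh->prepare('INSERT INTO users (username, password_hash) VALUES (?, ?)');
    $ins->execute(['alice', password_hash('correct horse', PASSWORD_DEFAULT)]);

    var_dump(verify_login($dbh, 'alice', 'correct horse'));  // matching password
    var_dump(verify_login($dbh, 'alice', 'wrong'));          // wrong password
    var_dump(verify_login($dbh, 'nobody', 'correct horse')); // unknown user
}
```

On a protected page the guard is then a single `require_login();` call placed before any HTML, which also covers the question about using a function for the repeated check.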