33 lines
1 KiB
PHP
33 lines
1 KiB
PHP
|
<?php
|
||
|
|
include '../db_connect.php';
|
||
|
|
|
||
|
|
if(isset($_POST['login'])){
|
||
|
|
|
||
|
|
//aus input felder wird email und password gelesen und "bereinigt" d.h alle leerzeichen werden entfernt in eine Variable gespeichert
|
||
|
|
$email = trim($_POST['email']);
|
||
|
|
$password = trim($_POST['password']);
|
||
|
|
|
||
|
|
try{
|
||
|
|
|
||
|
|
//SQL script wird ausgeführt in der Variable $stmt
|
||
|
|
$stmt = $pdo->prepare("SELECT * FROM users WHERE email = :email");
|
||
|
|
$stmt->execute([':email' => $email]);
|
||
|
|
|
||
|
|
//überprüfung ob emailadresse ein Benutzer hat
|
||
|
|
$user =$stmt->fetch(PDO::FETCH_ASSOC);
|
||
|
|
|
||
|
|
if($user && password_verify($password, $user['password'])) {
|
||
|
|
session_start();
|
||
|
|
|
||
|
|
$_SESSION['user_id'] = $user['id'];
|
||
|
|
$_SESSION['username'] = $user['username'];
|
||
|
|
|
||
|
|
header("Location: ../index.php");
|
||
|
|
}else{
|
||
|
|
echo "Ungültig. Versuche es nochmal: <a href='login-page.html'>Nochmal versuchen</a>";
|
||
|
|
}
|
||
|
|
}catch (PDOException $e) {
|
||
|
|
echo "Fehler: " . $e->getMessage();
|
||
|
|
}
|
||
|
|
}
|
||
|
|
?>
|