1 year ago
#338513
og61
PHP Check which user is logged in
We are creating a website for a school project and need an admin user. The plan is to check which user is logged in. The check is done with the name. For e.g. username is "admin@xxx.xx" when this user is logged in it should a other site as a other user.
Is this possible?
Registration.phpenter code here
<?php
session_start();
$pdo = new PDO('mysql:host=localhost;dbname=mydb11', 'root', '');
?>
<!DOCTYPE html>
<html>
<head>
<title>Registrierung</title>
</head>
<body>
<?php
$showFormular = true; //Variable ob das Registrierungsformular anezeigt werden soll
if(isset($_GET['register'])) {
$error = false;
$email = $_POST['email'];
$passwort = $_POST['passwort'];
$passwort2 = $_POST['passwort2'];
if(!filter_var($email, FILTER_VALIDATE_EMAIL)) {
echo 'Bitte eine gültige E-Mail-Adresse eingeben<br>';
$error = true;
}
if(strlen($passwort) == 0) {
echo 'Bitte ein Passwort angeben<br>';
$error = true;
}
if($passwort != $passwort2) {
echo 'Die Passwörter müssen übereinstimmen<br>';
$error = true;
}
//Überprüfe, dass die E-Mail-Adresse noch nicht registriert wurde
if(!$error) {
$statement = $pdo->prepare("SELECT * FROM users WHERE email = :email");
$result = $statement->execute(array('email' => $email));
$user = $statement->fetch();
if($user !== false) {
echo 'Diese E-Mail-Adresse ist bereits vergeben<br>';
$error = true;
}
}
//Keine Fehler, wir können den Nutzer registrieren
if(!$error) {
$passwort_hash = password_hash($passwort, PASSWORD_DEFAULT);
$statement = $pdo->prepare("INSERT INTO users (email, passwort) VALUES (:email, :passwort)");
$result = $statement->execute(array('email' => $email, 'passwort' => $passwort_hash));
if($result) {
echo 'Du wurdest erfolgreich registriert. <a href="login.php">Zum Login</a>';
$showFormular = false;
} else {
echo 'Beim Abspeichern ist leider ein Fehler aufgetreten<br>';
}
}
}
Login.php
type<?php
session_start();
$pdo = new PDO('mysql:host=localhost;dbname=mydb11', 'root', '');
if(isset($_GET['login'])) {
$email = $_POST['email'];
$passwort = $_POST['passwort'];
$statement = $pdo->prepare("SELECT * FROM users WHERE email = :email");
$result = $statement->execute(array('email' => $email));
$user = $statement->fetch();
//Überprüfung des Passworts
if ($user !== false && password_verify($passwort, $user['passwort'])) {
$_SESSION['userid'] = $user['usersID'];
die('Login erfolgreich. Weiter zu <a href="geheim.php">internen Bereich</a>');
} else {
$errorMessage = "E-Mail oder Passwort war ungültig<br>";
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Login</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
</head>
<body>
<form action="?login=1" method="post">
E-Mail:<br>
<input type="email" size="40" maxlength="250" name="email"><br><br>
Dein Passwort:<br>
<input type="password" size="40" maxlength="250" name="passwort"><br>
<input type="submit" value="Abschicken">
</form>
<?php
if(isset($errorMessage)) {
echo $errorMessage;
}
?>
</body>
<footer>
</footer>
</html>
geheim.php
<?php
$pdo = new PDO('mysql:host=localhost;dbname=mydb11', 'root', '');
if(!isset($_SESSION['userid'])) {
die('Bitte zuerst <a href="login.php">einloggen</a>');
}
$statement = $pdo->prepare("SELECT COUNT(*) AS anzahl FROM users");
$statement->execute();
$row = $statement->fetch();
echo "Es wurden ".$row['anzahl']." User gefunden";
?>
I tried some solutions but they doesnt help with my problem. Hope you can help me.
php
html
authentication
admin
registration
0 Answers
Your Answer