First: Code!
loginform.html
<form action="" method="post" id="loginform">
<h3>Login</h3>
<input type="text" name="username" placeholder="Username">
<br>
<br>
<input type="password" name="password" placeholder="Password">
<br>
<input type="submit" name="logsubmit" value="Login" class="registerbutton">
</form>
login.php
<?php
require_once("../resources/config.php");
require_once("../resources/library/dbconnect.php");
function checkUser($con) {
if (isset($_POST['username']) && isset($_POST['password'])){
$username = $_POST['username'];
$pw = md5($_POST['password']);
$sql="SELECT * FROM `users` WHERE username='$username' and pw='$pw'";
$result = mysqli_query($con, $sql);
$row = mysqli_fetch_assoc($result);
if ($result==true && $username == $row["username"] && $pw==$row["pw"]) {
$_SESSION["logged_in"] = 1;
$_SESSION["admin"] = $row["admin"];
$_SESSION["username"] = $row["username"];
}
else {
$msg = "Das war nichts! Passwort oder Username falsch? <br>".mysqli_error($con);
unset($_SESSION["logged_in"]);
}
}
}
checkUser($connection);
header('location: ../public_html/index.php');
exit;
?>
index.php
<?php
session_start();
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>Barstone</title>
<link rel="stylesheet" href="css/default.php" type="text/css">
<link href='http://fonts.googleapis.com/css?family=Bitter:700&subset=latin,latin-ext' rel='stylesheet' type='text/css'>
</head>
<body>
<?php require_once("../resources/config.php");
require_once("../resources/library/header_nav.php");?>
<div class="pagewrapper">
<div class="register-container">
<?php if(!isset($_SESSION['logged_in']) || !isset($_POST['regsubmit']))
{require_once("../resources/library/registerform.php");}
if (isset($_POST['regsubmit']) && $_SESSION['register_check']==true) {printf("Success! Welcome %s!",$_POST['username']);}
?>
</div>
<div class="login-container">
<?php if (isset($_SESSION['logged_in'])) { printf ("<form action='../resources/library/logout.php' method='post' id='loginform'><h3> Hello %s! </h3> Nice to see you!<input type='submit' class='logoutbutton' value='logout'> </form>",$_SESSION["username"]);
}?>
<?php if (isset($_POST["logsubmit"])) {require_once("../resources/library/login.php");
}
else { if (!isset($_SESSION['username'])) {require_once("../resources/library/loginform.html");}}
?>
</div>
<div class="content">
<?php require_once("../resources/library/articles.php");?>
</div>
</div>
</body>
</html>
relevant index.php part
{printf ("<form action='../resources/library/logout.php' method='post' id='loginform'>
<h3> Hello %s!</h3> Nice to see you!
<input type='submit' class='logoutbutton' value='logout'>
</form>",$_SESSION["username"]);}
?>
<?php if (isset($_POST["logsubmit"])) {require_once("../resources/library/login.php");}
else {if (!isset($_SESSION['username']))
{require_once("../resources/library/loginform.html");}
}?>
</div>
What this is supposed to do:
If the user is not logged in, show the loginform.html
.
If the login button got pressed, use the login.php
to log the user in.
After someone has used the login-form to log in to the website, it displays a little welcome message and a new button for logout purposes.
What this does:
Displaying the login form works fine.
After someone logged in, it displays nothing. But after reloading the page, the button is there and works fine.
The $_SESSION['logged_in']
variable is set with the login, but why does the page need another reload to interpret this statement correctly?
I admit that the way I do it isn't necessarily 'best practice' and I am open for any advice. Still learning. :)
For testing: http://hsturnierv2.pixelpioniere.net/public_html/index.php login as "test" with pw "test"