webbserverprogrammering/submissions/projekt-quiz/admin/
admin_login.php
98 lines UTF-8 Unix (LF)
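<?php
/*
 * Admin login request handler.
 *
 * On POST it looks up the submitted username among rows with is_admin = 1,
 * checks the password with password_verify(), and on success records
 * last_login, rotates the session id, stores the admin_* session keys and
 * redirects to admin_panel.php. On failure it leaves a message in $error
 * for the form below to display.
 *
 * NOTE(review): no attempt throttling or lockout is visible in this file;
 * confirm that rate limiting exists elsewhere (web server, WAF or
 * application code) before exposing this endpoint.
 * NOTE(review): session cookie attributes (Secure, HttpOnly, SameSite) are
 * not set here; verify they are configured in php.ini or a shared include.
 */
session_start();
require_once '../includes/db_connect.php';

// PROCESSING
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Request fields are client-controlled: they may be missing or arrive as
    // arrays (username[]=x). Accept strings only, so trim() and
    // password_verify() never receive a non-string and raise a TypeError.
    $rawUsername = $_POST['username'] ?? '';
    $rawPassword = $_POST['password'] ?? '';
    $username = is_string($rawUsername) ? trim($rawUsername) : '';
    $password = is_string($rawPassword) ? $rawPassword : '';
    $error = '';

    // Strict comparison instead of empty(): empty('0') is true, which would
    // reject the literal value "0" as if the field had been left blank.
    if ($username === '' || $password === '') {
        $error = "Både användarnamn och lösenord måste fyllas i.";
    } else {
        // Fetch ONLY admins (is_admin = 1)
        $stmt = $pdo->prepare("
            SELECT id, name, username, password
            FROM users
            WHERE username = :username AND is_admin = 1
        ");
        $stmt->execute([':username' => $username]);
        $admin = $stmt->fetch(PDO::FETCH_ASSOC);

        if (is_array($admin)) {
            $authenticated = password_verify($password, $admin['password']);
        } else {
            // No matching admin row. Spend roughly the time of one hash
            // computation anyway, so response time does not reveal which
            // usernames belong to admins. A fixed input is hashed rather
            // than the submitted password, so odd request bytes cannot make
            // this call fail.
            password_hash('timing-equalizer', PASSWORD_DEFAULT);
            $authenticated = false;
        }

        if ($authenticated) {
            // ADMIN LOGIN SUCCEEDED
            // Update last_login
            $stmt = $pdo->prepare("UPDATE users SET last_login = NOW() WHERE id = :id");
            $stmt->execute([':id' => $admin['id']]);

            // Rotate the session id on privilege change so an id issued
            // before login cannot be reused afterwards (session fixation).
            session_regenerate_id(true);

            // Store in SEPARATE admin session keys
            $_SESSION['admin_id'] = $admin['id'];
            $_SESSION['admin_username'] = $admin['username'];
            $_SESSION['admin_name'] = $admin['name'];
            $_SESSION['admin_logged_in'] = true;

            // Redirect to the admin panel; exit so nothing below runs.
            header("Location: admin_panel.php");
            exit();
        }

        // One generic message for unknown user and wrong password alike.
        $error = "Felaktiga admin-uppgifter.";
    }
}

$page_title = 'Admin Login';
require_once '../includes/header.php';
?>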
<?php
/*
 * Login form view. Prints the HTML-escaped $error message when the request
 * handler earlier in this file set one, then a POST form that submits the
 * username and password fields back to admin_login.php.
 */
?>
<div class="container">
    <div class="admin-login-box">
        <h1>Admin-inloggning</h1>
<?php if (isset($error)): ?>
        <div class="error-message">
            <?= htmlspecialchars($error) ?>

        </div>
<?php endif; ?>
        <form method="POST" action="admin_login.php">
            <div class="form-group">
                <label for="username">Admin-användarnamn:</label>
                <input type="text" id="username" name="username" required>
            </div>
            <div class="form-group">
                <label for="password">Lösenord:</label>
                <input type="password" id="password" name="password" required>
            </div>
            <button type="submit" class="btn btn-admin">Logga in som Admin</button>
        </form>
        <p class="back-link">
            <a href="../index.php">Tillbaka till startsidan</a>
        </p>
    </div>
</div>
<?php require_once '../includes/footer.php'; ?>