Show sourcecode
The following files exists in this folder. Click to view.
webbsrvprg/exercises/databaser/ovn_2/
admin.php
forminclude.php
index.php
welcome.php
index.php
76 lines UTF-8 Windows (CRLF)
12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576
<!DOCTYPE html>
<html lang="sv">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Index</title>
<link href="../../../style/index.css" rel="stylesheet">
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css" rel="stylesheet">
</head>
<body>
<header>
Databaser
</header>
<?php
$message = "";
if (isset($_POST["username"]) && isset($_POST["password"])) {
//Försök logga in
try{
/** @var PDO $dbconn */
include("../dbconnection.php");
$sql = "SELECT 1 from users WHERE username=? and pass=?";
$info = array($_POST["username"], $_POST["password"]);
$stmt = $dbconn->prepare($sql);
$stmt->execute($info);
$user = $stmt->fetch(PDO::FETCH_ASSOC);
if ($user){
// Spara infon om användaren så att de följande sidorna blir säkra också
session_start();
$_SESSION["username"] = $user["username"];
$_SESSION["pass"] = $user["pass"];
// Kolla om det är admin eller inte
if ($user["role"] == "admin"){
header("Location: admin.php");
} else {
header("Location: welcome.php");
}
}else{
// Detta kommer printas senare
$message = "Fel lösenord eller användarnamn";
}
}
catch(PDOException $e){
echo($e->getMessage());
}
}
?>
<br><br>
<form method="post" style="padding: 20px">
<fieldset style = "border: 2px solid black">
<legend>Logga in</legend>
<?php
echo ($message);
?>
<br>
<input type="text" required id="username" name="username" placeholder="Harry123">
<label for="username">Användarnamn</label><br>
<input type="password" required id="password" name="password" placeholder="Lösen123">
<label for="password">Lösenord</label><br>
<button type="submit">Logga in</button>
</fieldset>
</form>
</body>
</html>