Candle/anmeldesystem_meinebuecher.php

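<?php session_start();

// NOTE(review): the database account and its password are hard-coded below and
// therefore live in version control. Treat this password as exposed: rotate it
// and load the credentials from configuration kept outside the repository and
// outside the web root.
try {
    // The port is passed as an integer, the type mysqli_connect() declares.
    $db_link = mysqli_connect('localhost', 'web_b-3', 'een7Ao6s', 'bibliothek_candle', 3306);
} catch (mysqli_sql_exception $e) {
    // With mysqli exception reporting enabled a failed connect throws instead
    // of returning false; normalise both cases to false.
    $db_link = false;
}
if (!$db_link) {
    // Record the failure server-side and send the client to the same generic
    // page that runSQL() uses, so no connection details reach the browser.
    error_log('database connection failed (errno ' . mysqli_connect_errno() . ')');
    header("Location: 404.html");
    exit;
}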
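/**
 * Runs a raw SQL string on the shared connection and returns the mysqli result.
 *
 * The statement text is sent to the server exactly as given: nothing here
 * escapes or binds values, so $sql must never be assembled from request data.
 * Use a prepared statement for anything that is user-supplied.
 *
 * If the query fails, the client is redirected to 404.html and the script
 * ends; the function does not return in that case.
 *
 * @param string $sql Complete SQL statement.
 * @return mysqli_result|bool Whatever mysqli_query() returned on success.
 */
function runSQL($sql)
{
    global $db_link;

    try {
        $db_res = mysqli_query($db_link, $sql);
    } catch (mysqli_sql_exception $e) {
        // With mysqli exception reporting enabled a failed query throws
        // instead of returning false; route it to the same failure path.
        $db_res = false;
    }

    if (!$db_res) {
        // Leave a server-side trace of the failure. Only the error number is
        // logged: the error text can quote part of the statement, and the
        // statement may carry values that do not belong in a log file.
        error_log('runSQL failed (errno ' . mysqli_errno($db_link) . ')');
        header("Location: 404.html");
        exit;
    }

    return $db_res;
}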
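if (isset($_POST['submit'])) {
    // Both fields come from an untrusted form post. A missing field or a
    // non-string payload (e.g. an array) is treated as an empty string.
    $kartenid = is_string($_POST['karten-id'] ?? null) ? $_POST['karten-id'] : '';
    $passwort = is_string($_POST['password'] ?? null) ? $_POST['password'] : '';

    // Runs one parameterised SELECT and returns its first row (null if there
    // is none). Every value is bound as a string parameter and never becomes
    // part of the SQL text, so quotes in the input cannot change the query.
    // On any database error the client is sent to 404.html and the script ends.
    $firstRow = static function (mysqli $db, string $sql, array $values) {
        try {
            $stmt = mysqli_prepare($db, $sql);
            if ($stmt
                && mysqli_stmt_bind_param($stmt, str_repeat('s', count($values)), ...$values)
                && mysqli_stmt_execute($stmt)
                && ($result = mysqli_stmt_get_result($stmt))
            ) {
                return mysqli_fetch_assoc($result);
            }
        } catch (mysqli_sql_exception $e) {
            // Thrown instead of a false return when mysqli exception
            // reporting is enabled; handled by the shared path below.
        }
        error_log('login query failed (errno ' . mysqli_errno($db) . ')');
        header("Location: 404.html");
        exit;
    };

    // NOTE(review): the submitted password is compared directly with the
    // `Passwort` column, which implies passwords are stored unhashed. Migrate
    // the column to password_hash() output and verify with password_verify().
    $konto = $firstRow(
        $db_link,
        "SELECT `BenutzerID` FROM `benutzer` WHERE `KartenID` = ? AND `Passwort` = ?",
        [$kartenid, $passwort]
    );

    if ($konto) {
        // Issue a fresh session id at the privilege change so an id that was
        // known before login cannot be reused afterwards (session fixation).
        session_regenerate_id(true);
        $_SESSION['eingeloggt'] = 1;
        // Always take the user id from the row that just authenticated. The
        // earlier code kept an existing $_SESSION['userID'], so a second login
        // in the same session stayed bound to the previous account.
        $_SESSION['userID'] = $konto['BenutzerID'];
        header("Location: meinebuecher.php");
        exit;
    }

    // NOTE(review): the two redirects below tell the client whether a card id
    // exists. Consider a single generic failure page, and throttle repeated
    // attempts; no rate limiting is visible in this file.
    $karte = $firstRow(
        $db_link,
        "SELECT COUNT(*) AS `anzahl` FROM `benutzer` WHERE `KartenID` = ?",
        [$kartenid]
    );

    if ($karte && $karte['anzahl'] > 0) {
        header("Location: passwort_stimmt_nicht.php");
    } else {
        header("Location: benutzer_existiert_nicht.php");
    }
    exit;
} else {
    // Reached without the login form's submit field.
    header("Location: 404.html");
    exit;
}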
?>