connect_error) {
$message['error'] = 'Datenbankverbindung fehlgeschlagen: ' . $mysqli->connect_error;
} else {
$query = sprintf(
"SELECT id, loginName, pwHash, config FROM wkParticipo_Users WHERE loginName = '%s'",
$mysqli->real_escape_string($_POST['f']['username'])
);
$result = $mysqli->query($query);
if ($row = $result->fetch_array(MYSQLI_ASSOC)) {
if( password_verify( $_POST['f']['password'], $row['pwHash']) ){
session_start();
$_SESSION = array(
'login' => true,
'user' => array(
'username' => $row['loginName'],
'userId' => $row['id'],
'userConfig' => json_decode($row['config'], true)
),
);
$message['success'] = 'Anmeldung erfolgreich, weiter zum Inhalt.';
PHPCount::AddHit("participo-Login-".$_POST['f']['username']);
// Logging Logins
logLoginsToJsonFile($_SESSION['user']['username']);
header('Location: http://' . $_SERVER['HTTP_HOST'] . '/participo?user=' . $_POST['f']['username']);
} else {
sleep(5);
$message['error'] = 'Das Kennwort ist nicht korrekt.';
}
}
}
return $message;
}
/**
* Log the Login of an user into a logFile
*
* @param string $userName name of the user
* @param string $fileName filename to log to
* @return void
*/
function logLoginsToJsonFile($userName, $fileName="lastLogins.json"){
try{
$lastLogins = json_decode(file_get_contents($fileName), true);
if(!array_key_exists($userName, $lastLogins))
$lastLogins[$userName] = [];
if(!array_key_exists('lastLogins', $lastLogins[$userName]))
$lastLogins[$userName]['lastLogins'] = [];
$lastLogins[$userName]['lastLogins'] = array_merge( array( date('Y-m-d H:i:s') ), $lastLogins[$userName]['lastLogins'] );
file_put_contents($fileName, json_encode($lastLogins));
}
catch (Exception $e){
// silently ignore errors
}
}
if (isset($_SESSION['login'])) {
header('Location: http://' . $_SERVER['HTTP_HOST'] . '/index.php');
}
else{
if (!empty($_POST)) {
if (
empty($_POST['f']['username']) ||
empty($_POST['f']['password'])
) {
$message['error'] = 'Es wurden nicht alle Felder ausgefüllt.';
} else {
$message = checkCredentials($_POST['f']['username'], $_POST['f']['password'], $db_server, $db_user, $db_password, $db_name);
if( !isset($message['error']) )
$message['notice'] = "OnlineApps - cwsvJudo";
}
}
}
?>
cwsvJudo Online Apps
Loginseite der Online-Apps der Judoka des CWSV