Servus...
Ich wollte ein Login&Register System in ein neues integrieren... Leider leitet er die Seite nicht nach dem Login um, hier der JS Code. Komisch ist das er die sucess nachricht aber rausgibt...
und so sieht der html teil aus:
<div class="row">
<div class="col-lg-6 d-none d-lg-block bg-login-image"></div>
<div class="col-lg-6">
<div class="p-5">
<div class="text-center">
<h1 class="h4 text-gray-900 mb-4">Willkommen zurück!</h1>
</div>
<form class="user" action="pages/login/authenticate.php" method="post">
<div class="form-group">
<input type="text" class="form-control form-control-user"
id="username" name="username" aria-describedby="emailHelp"
placeholder="Nutzernamen eingeben...">
</div>
<div class="form-group">
<input type="password" class="form-control form-control-user"
id="exampleInputPassword" name="password" placeholder="Passwort eingeben...">
</div>
<div class="form-group">
<div class="custom-control custom-checkbox small">
<input type="checkbox" class="custom-control-input" id="remeberme" name="rememberme">
<label class="custom-control-label" for="remeberme">Angemeldet bleiben?</label>
</div>
</div>
<div class="msg"></div>
<br>
<button type="submit" class="btn btn-primary btn-user btn-block">Login</button>
</form>
so der php teil:
<?php
include '../../inc/main.php';
// Now we check if the data from the login form was submitted, isset() will check if the data exists.
if (!isset($_POST['username'], $_POST['password'])) {
// Could not retrieve the data that should have been sent
exit('Please fill both the username and password field!');
}
// Prepare our SQL query and find the account associated with the login details
// Preparing the SQL statement will prevent SQL injection
$stmt = $pdo->prepare('SELECT * FROM accounts WHERE username = ?');
$stmt->execute([ $_POST['username'] ]);
$account = $stmt->fetch(PDO::FETCH_ASSOC);
// Check if the account exists
if ($account) {
// Account exists... Verify the password
if (password_verify($_POST['password'], $account['password'])) {
// Check if the account is activated
if (account_activation && $account['activation_code'] != 'activated') {
// User has not activated their account, output the message
echo 'Bitte aktiviere deinen Account! Hier klicken <a href="resendactivation.php">here</a> für eine erneute aktivierungs E-Mail.';
} else {
// Verification success! User has loggedin!
// Declare the session variables, which will basically act like cookies, but will store the data on the server as opposed to the client
session_regenerate_id();
$_SESSION['loggedin'] = TRUE;
$_SESSION['name'] = $account['username'];
$_SESSION['id'] = $account['id'];
$_SESSION['role'] = $account['role'];
// IF the user checked the remember me checkbox...
if (isset($_POST['rememberme'])) {
// Generate a hash that will be stored as a cookie and in the database. It will be used to identify the user.
$cookiehash = !empty($account['rememberme']) ? $account['rememberme'] : password_hash($account['id'] . $account['username'] . 'yoursecretkey', PASSWORD_DEFAULT);
// The number of days a user will be remembered
$days = 30;
// Create the cookie
setcookie('rememberme', $cookiehash, (int)(time()+60*60*24*$days));
// Update the "rememberme" field in the accounts table with the new hash
$stmt = $pdo->prepare('UPDATE accounts SET rememberme = ? WHERE id = ?');
$stmt->execute([ $cookiehash, $account['id'] ]);
}
// Update last seen date
$date = date('Y-m-d\TH:i:s');
$stmt = $pdo->prepare('UPDATE accounts SET last_seen = ? WHERE id = ?');
$stmt->execute([ $date, $account['id'] ]);
// Output msg; do not change this line as the AJAX code depends on it
echo 'Success';
}
} else {
// Incorrect password
echo 'Falscher Nutzername/Passwort';
}
} else {
// Incorrect username
echo 'Falscher Nutzername/Passwort';
}
?>
Jemand eine Idee?
Danke! 
Ich glaube ich hab den falschen Pfad angegeben. Ups 😂😂 muss ich später mal testen. Melde mich!
