PDO::ERRMODE_EXCEPTION,
PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
]);
} catch (PDOException $e) {
if ($GLOBALS['DEBUG']) {
die("DB-Verbindungsfehler: " . $e->getMessage());
} else {
die("Datenbankverbindung fehlgeschlagen.");
}
}
}
return $pdo;
}
// Login prüfen
function checkLogin() {
return isset($_SESSION['user']) && isset($_SESSION['role']) && $_SESSION['role'] === 'admin';
}
// Login verarbeiten
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['login'])) {
$username = $_POST['username'] ?? '';
$password = $_POST['password'] ?? '';
if ($username && $password) {
$pdo = getDB();
$stmt = $pdo->prepare("SELECT * FROM users WHERE username = ?");
$stmt->execute([$username]);
$user = $stmt->fetch();
if ($user && password_verify($password, $user['password'])) {
$_SESSION['user'] = $user['username'];
$_SESSION['role'] = $user['role'];
header("Location: " . $_SERVER['PHP_SELF']);
exit;
} else {
$error = "Falscher Benutzername oder Passwort.";
}
} else {
$error = "Bitte alle Felder ausfüllen.";
}
}
// Logout
if (isset($_GET['logout'])) {
session_destroy();
header("Location: " . $_SERVER['PHP_SELF']);
exit;
}
// Daten holen
$prices = [];
if (checkLogin()) {
$pdo = getDB();
$stmt = $pdo->query("SELECT * FROM priceboard ORDER BY id DESC LIMIT 100");
$prices = $stmt->fetchAll();
}
?>
MC Priceboard
Aktuelle Preise
Keine Daten gefunden.