Herdset_suche/public/login.php

<?php
session_start();

// Überprüfen, ob der Benutzer bereits angemeldet ist
if (isset($_SESSION['authenticated']) && $_SESSION['authenticated'] === true) {
    if ($_SESSION['access_level'] === 'all') {
        header('Location: /admin.php');
        exit;
    } elseif ($_SESSION['access_level'] === 'limited') {
        header('Location: /search.php');
        exit;
    }
}

include 'auth.php';

// Überprüfen, ob ein POST-Request gesendet wurde
if ($_SERVER["REQUEST_METHOD"] == "POST") {
    $username = $_POST['username'];
    $password = $_POST['password'];

    // Authentifizierung des Benutzers
    if (authenticate($username, $password)) {
        // Benutzer ist erfolgreich angemeldet
        if ($_SESSION['access_level'] === 'all') {
            header('Location: admin.php');
            exit;
        } elseif ($_SESSION['access_level'] === 'limited') {
            header('Location: search.php');
            exit;
        }
    } else {
        // Falsche Anmeldeinformationen
        $error = "Falscher Benutzername oder Passwort.";
    }
}
?>
<!DOCTYPE html>
<html lang="de">
<head>
    <meta charset="UTF-8">
    <title>Login</title>
    <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css">
</head>
<body>
    <div class="container mt-5">
        <div class="row justify-content-center">
            <div class="col-md-6">
                <div class="card">
                    <div class="card-header">Login</div>
                    <div class="card-body">
                        <form method="post">
                            <div class="form-group">
                                <label for="username">Benutzername:</label>
                                <input type="text" class="form-control" id="username" name="username" required>
                            </div>
                            <div class="form-group">
                                <label for="password">Passwort:</label>
                                <input type="password" class="form-control" id="password" name="password" required>
                            </div>
                            <button type="submit" class="btn btn-primary">Login</button>
                        </form>
                        <?php if (isset($error)) : ?>
                            <div class="alert alert-danger mt-3" role="alert"><?= $error ?></div>
                        <?php endif; ?>
                    </div>
                </div>
            </div>
        </div>
    </div>
</body>
</html>