login.php
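<!DOCTYPE html>
<html lang="ja">
<head>
<meta charset="utf-8">
<title>ログイン</title>
<link rel="stylesheet" href="css/style.css">
</head>
<body>
<div id="container">
<h1>認証</h1>
<!-- Credentials are posted to auth.php, which checks them again on the server;
     the required attributes below are only a convenience for the user. -->
<form method="post" action="auth.php">
<table>
<tr>
<th><label for="id">ID</label></th>
<td><input type="text" name="id" id="id" autocomplete="username" required></td>
</tr>
<tr>
<th><label for="password">パスワード</label></th>
<td><input type="password" name="password" id="password" autocomplete="current-password" required></td>
</tr>
</table>
<p><button type="submit">認証</button></p>
</form>
</div>
<script src="js/script.js"></script>
</body>
</html>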
config.php
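<?php
//-----------------------------------
// DB connection settings (rewrite these for each environment)
//
// NOTE: root with an empty password is only suitable for a local development
// database. Anywhere else, connect as a dedicated account that has a password
// and only the privileges this application needs, and keep the real values
// out of version control.
//-----------------------------------
$user = "root";
$dbpass = "";
$host = "localhost";
$dbname = "intra_mail";
//-----------------------------------
// NOTE(review): MySQL's "utf8" is the 3-byte subset; "utf8mb4" is usually
// preferred if the tables use it - confirm against the schema before changing.
$dsn = "mysql:host={$host};dbname={$dbname};charset=utf8";

try {
    // $pdo is the shared connection used by every page that requires this file.
    $pdo = new PDO($dsn, $user, $dbpass, [
        // Raise exceptions on SQL errors instead of returning false from
        // prepare()/execute(), so a failed query cannot be mistaken for "no rows".
        PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
        // Use server-side prepared statements: bound values are sent separately
        // from the SQL text rather than being quoted into it by the client.
        PDO::ATTR_EMULATE_PREPARES => false,
    ]);
} catch (PDOException $e) {
    // An uncaught connection exception can show connection details and a stack
    // trace in the browser when display_errors is on. Log it server-side and
    // return a generic message instead.
    error_log("DB connection failed: " . $e->getMessage());
    http_response_code(500);
    exit("データベースに接続できませんでした。");
}
?>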
auth.php
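<?php
// Login handler: checks the posted ID and password against the members table.
// On success the session is marked as logged in and the browser is sent to
// mypage.php; on any failure the session is cleared and the browser is sent
// back to login.php.
session_start();

// Both fields must be non-empty strings. Array-valued input (id[]=...) would
// pass empty() on its own and then make password_verify() throw a TypeError on
// PHP 8. The ID is bound as an integer below, so anything that is not all
// digits is rejected here instead of being silently cast (e.g. "12abc" -> 12).
$id = $_POST["id"] ?? null;
$password = $_POST["password"] ?? null;
if (
    !is_string($id) || !is_string($password)
    || empty($id) || empty($password)
    || !ctype_digit($id)
) {
    header("Location: login.php");
    exit();
}

require_once("config.php");

$sql = "SELECT * FROM members WHERE id=:id";
$stmt = $pdo->prepare($sql);
$stmt->bindValue(":id", $id, PDO::PARAM_INT);
$stmt->execute();
// execute() only runs the query; fetch() returns the row, or false when no
// member has this ID.
$row = $stmt->fetch(PDO::FETCH_ASSOC);

// Compare the submitted password with the stored hash. The row and the hash
// are checked first so an unknown ID fails cleanly instead of indexing false.
$stored = is_array($row) ? ($row["password"] ?? null) : null;
if (is_string($stored) && password_verify($password, $stored)) {
    // Authentication succeeded. Issue a fresh session ID before storing the
    // login state, so an ID that existed before login (session fixation) does
    // not become an authenticated one.
    session_regenerate_id(true);
    $_SESSION["login"] = true;
    $_SESSION["m_name"] = $row["m_name"];
    $_SESSION["id"] = $row["id"];
    header("Location: mypage.php");
    exit();
} else {
    // Authentication failed: wipe the whole session. An unknown ID and a wrong
    // password get the same redirect, so the response does not say which it was.
    // NOTE(review): an unknown ID skips password_verify(), so response time can
    // still differ; no attempt throttling is visible in this file either.
    $_SESSION = [];
    header("Location: login.php");
    exit();
}
?>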
css/style.css
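/* Page background */
body {
    background: #fee;
}

/* Centered white card that wraps each page's content */
#container {
    border: 1px #ccc solid;
    border-radius: 2rem;
    background: #fff;
    padding: 1.5rem;
    margin: 0 auto;
    width: 80%;
}

table {
    /* Was "border collapse" (missing hyphen), which is not a valid property
       name, so the declaration was dropped and cell borders stayed separate. */
    border-collapse: collapse;
}

td,
th {
    border: solid 1px #ccc;
    padding: 0.2rem 0.5rem;
    text-align: left;
}

/* Header cells get a light grey background */
th {
    background: #eee;
}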
mypage.php
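<?php
// Inbox page: lists the mails addressed to the logged-in member, newest first.
session_start();

// Only sessions that auth.php marked as logged in may see this page.
if (empty($_SESSION["login"])) {
    header("Location: login.php");
    exit();
}

require_once("config.php");

// The recipient ID comes from the session (set at login), not from the
// request, so a member cannot ask for someone else's inbox by changing a
// parameter. The sender's name is looked up through members.id = m_from.
$sql = "SELECT subject,sendtime,m_name FROM mails,members WHERE m_from=members.id AND m_to=:m_to ORDER BY sendtime DESC";
$stmt = $pdo->prepare($sql);
// Placeholder written with its leading colon, matching the SQL and auth.php.
$stmt->bindValue(":m_to", $_SESSION["id"], PDO::PARAM_INT);
$stmt->execute();

// Everything echoed below goes through htmlspecialchars(), including sendtime:
// escaping every database value keeps the template safe even if a column's
// type or content changes later.
?>
<!DOCTYPE html>
<html lang="ja">
<head>
<meta charset="utf-8">
<title>マイページ</title>
<link rel="stylesheet" href="css/style.css">
</head>
<body>
<div id="container">
<h1><?php echo htmlspecialchars($_SESSION["m_name"],ENT_QUOTES); ?>の受信トレイ</h1>
<div id="m_list">
<table>
<tr>
<th>件名</th><th>送信者名</th><th>送信日時</th>
</tr>
<?php while($row=$stmt->fetch(PDO::FETCH_ASSOC)): ?>
<tr>
<td><?php echo htmlspecialchars($row["subject"],ENT_QUOTES); ?></td>
<td><?php echo htmlspecialchars($row["m_name"],ENT_QUOTES); ?></td>
<td><?php /* cast first: htmlspecialchars() does not accept null */ echo htmlspecialchars((string)$row["sendtime"],ENT_QUOTES); ?></td>
</tr>
<?php endwhile; ?>
</table>
</div>
</div>
<script src="js/script.js"></script>
</body>
</html>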