<?php
session_start();
$pdo = new PDO('mysql:host='localhost'; dbname='', 'root', '');
if(isset($_GET['login'])) {
$email = $_POST['email'];
$passwort = $_POST['passwort'];
$statement = $pdo->prepare("SELECT * FROM users WHERE email = :email");
$result = $statement->execute(array('email' => $email));
$user = $statement->fetch();
if ($user !== false && password_verify($passwort, $user['passwort'])) {
$_SESSION['userid'] = $user['id'];
die('<p style=\"font-family:helvetica, verdana, arial, sans-serif; font-size: 14px;\">Login erfolgreich. Weiter zu <a href="php/intern.php">internen Bereich</a></p>');
} else {
$errorMessage = "<div id='fehler'>E-Mail oder Passwort war ungültig<br></div>";
}
}
?>
<!DOCTYPE html>
<html lang="de">
<head>
<meta charset="UTF-8">
<title>Document</title>
<meta name="viewport" content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0">
<link rel="stylesheet" type="text/css" media="screen" href="css/style.css">
</head>
<body>
<article class="suchbox">
<section id="wohnen">
<h2><a href="#wohnen">Wohnen</a></h2>
<div class="inhalt">
<h3>Immobilien - Häuser, Wohnungen & Zimmer</h3>
<p>Immonet - Wohnungen, Häuser, Hausbau - Fertig- & Massivhäuser und noch viel mehr </p>
<form name="suche" action="<?php $_SERVER['SCRIPT_NAME']; ?>" method="POST">
<div class="wohnort">
<input class="input" type="text" size=20 name="ort" placeholder="PLZ, Stadtteil,...">
</div>
<div class="wohnart">
<select class="input" size=1 name="wohnart">
<option value="1">Wohnung mieten</option>
<option value="2">Wohnung kaufen</option>
<option value="3">Haus mieten</option>
<option value="4">Haus kaufen</option>
<option value="5">Grundstück kaufen</option>
</select>
</div>
<input class="button" type="submit" name="submit" value="Suche">
<div class="clearfix"></div>
<div class="preis">
<input class="input" type="text" size=10 name="preis" placeholder="Preis (€):">
</div>
<div class="groesse">
<input class="input" type="text" size=10 name="groesse" placeholder="Größe (m²):">
</div>
<div class="zimmer">
<input class="input" type="text" size=10 name="zimmer" placeholder="Zimmer:">
</div>
<br />
</form>
</div>
<br>
<br>
<?php
// $host = "localhost";
// $user = "root";
// $password = "";
// $database_name = "wohnen";
// $pdo = new PDO("mysql:host=$host;dbname=$database_name", $user, $password, array(
// PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION
// ));
$search=$_POST['zimmer']; <-----------dieser teil ist definitv falsch :-)
$search=$_POST['groesse'];
$search=$_POST['preis'];
$search=$_POST['ort'];
$query = $pdo->prepare("select * from wohnung_mieten where zimmer LIKE '%$search%' OR groesse LIKE '%$search%' OR preis LIKE '%$search%' OR ort LIKE '%$search%' LIMIT 0 , 10");
$query->bindValue(1, "%$search%", PDO::PARAM_INT);
$query->bindValue(2, "%$search%", PDO::PARAM_INT);
$query->bindValue(3, "%$search%", PDO::PARAM_STR);
$query->bindValue(4, "%$search%", PDO::PARAM_STR);
$query->execute();
if (isset($_POST['zimmer'])
or isset($_POST['groesse'])
or isset($_POST['preis'])
or isset($_POST['ort'])) {
echo "Suchergebnisse :<br/>";
echo "<table style=\"font-family:arial;color:#333333;\">";
echo "<tr><td style=\"border:solid 1px rgb(107, 217, 79);background:rgb(107, 217, 79);\">Wohnort</td><td style=\"border:solid 1px rgb(107, 217, 79);background:rgb(107, 217, 79);\">Größe</td><td style=\"border:solid 1px rgb(107, 217, 79);background:rgb(107, 217, 79);\">Zimmer</td><td style=\"border:solid 1px rgb(107, 217, 79);background:rgb(107, 217, 79);\">Preis</td></tr>";
while ($results = $query->fetch()) {
echo "<tr><td style=\"border:solid 1px rgb(107, 217, 79);\"><a href='#'>";
echo $results['ort'];
echo "</a></td><td style=\"border:solid 1px rgb(107, 217, 79);\">";
echo $results['groesse'];
echo "</td><td style=\"border:solid 1px rgb(107, 217, 79);\">";
echo $results['zimmer'];
echo "</td><td style=\"border:solid 1px rgb(107, 217, 79);\">";
echo "€ " .$results['preis'];
echo "</td></tr>";
}
echo "</table>";
}
// else {
// echo "<p style=\"color:#E82000;\">keine Ergebnisse</p>";
// }
?>
</section>
<section id="gewerbe">
<h2><a href="#gewerbe">Gewerbe</a></h2>
<div class="inhalt">
<h3>Gewerbe-Immobilien von Büro bis Praxis</h3>
<p>Grundstück, Lager oder Restaurant - alles für Ihr Gewerbe </p>
<form name="suche" action="<?php $_SERVER['SCRIPT_NAME']; ?>" method="POST">
<div class="wohnort">
<input class="input" type="text" size="20" name="ort" placeholder="PLZ, Stadtteil,...">
</div>
<div class="wohnart">
<select class="input" size=1 name="wohnart">
<option value="1">Büro/Praxis</option>
<option value="2">Grundstücke</option>
<option value="3">Hotel/Gastgewerbe</option>
<option value="4">Laden/Einzelhandel</option>
<option value="5">Halle/Lager/Produktion</option>
</select>
</div>
<input class="button" type="submit" name="submit" value="Suche">
<div class="clearfix"></div>
<div class="preis">
<input class="input" type="text" size=10 name="preis" placeholder="Preis (€):">
</div>
<div class="groesse">
<input class="input" type="text" size=10 name="groesse" placeholder="Größe (m²):">
</div>
<br />
</form>
</div>
<br>
<br>
<?php
$host = "localhost";
$user = "root";
$password = "";
$database_name = "gewerbe";
$pdo = new PDO("mysql:host=$host;dbname=$database_name", $user, $password, array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION
));
// Search from MySQL database table
$search=$_POST['groesse'];
$search=$_POST['preis'];
$search=$_POST['ort'];
$query = $pdo->prepare("select * from buero-praxis, hotel-gastgewerbe, laden-einzelhandel, halle-lager-produktion where buero-praxis.ort LIKE '%$search%' OR buero-praxis.groesse LIKE '%$search%' OR buero-praxis.zimmer LIKE '%$search%' OR buero-praxis.preis LIKE '%$search%' OR hotel-gastgewerbe.ort LIKE '%$search%' OR hotel-gastgewerbe.groesse LIKE '%$search%' OR hotel-gastgewerbe.zimmer LIKE '%$search%' OR hotel-gastgewerbe.preis LIKE '%$search%' OR laden-einzelhandel.ort LIKE '%$search%' OR laden-einzelhandel.groesse LIKE '%$search%' OR laden-einzelhandel.preis LIKE '%$search%' OR halle-lager-produktion.ort LIKE '%$search%' OR halle-lager-produktion.groesse LIKE '%$search%' OR halle-lager-produktion.preis LIKE '%$search%' LIMIT 0 , 10");
$query->bindValue(1, "%$search%", PDO::PARAM_INT);
$query->bindValue(2, "%$search%", PDO::PARAM_STR);
$query->bindValue(3, "%$search%", PDO::PARAM_STR);
$query->execute();
if (isset($_POST['ort'])
or isset($_POST['groesse'])
or isset($_POST['preis'])
) {
echo "Suchergebnisse :<br/>";
echo "<table style=\"font-family:arial;color:#333333;\">";
echo "<tr><td style=\"border:solid 1px rgb(107, 217, 79);background:rgb(107, 217, 79);\">Bezirk</td><td style=\"border:solid 1px rgb(107, 217, 79);background:rgb(107, 217, 79);\">Größe</td><td style=\"border:solid 1px rgb(107, 217, 79);background:rgb(107, 217, 79);\">Preis (m²/€)</td></tr>";
while ($results = $query->fetch()) {
echo "<tr><td style=\"border:solid 1px rgb(107, 217, 79);\"><a href='#'>";
echo $results['ort'];
echo "</a></td><td style=\"border:solid 1px rgb(107, 217, 79);\">";
echo $results['groesse'];
echo "</td><td style=\"border:solid 1px rgb(107, 217, 79);\">";
echo "€ " .$results['preis'];
echo "</td></tr>";
}
echo "</table>";
}
else {
echo "<p style=\"color:#E82000;\">keine Ergebnisse</p>"; }
?>
</section>
<section id="umzug">
<h2><a href="#umzug">Umzug</a></h2>
<div class="inhalt">
<h3>Umziehen leicht gemacht - Der beste Service für Ihren Umzug</h3>
<p>Erhalten Sie Angebote von qualitätsgeprüften Unternehmen.</p>
<form name="suche" action="<?php $_SERVER['SCRIPT_NAME']; ?>" method="POST">
<div class="umzug_wrapper">
<h3>Umzug von</h3>
<div class="wohnort">
<input class="input" type="text" size=20 name="ort" placeholder="Straße, Hausnummer">
</div>
<div class="clearfix"></div>
<div class="preis">
<input class="input" type="text" size=10 name="preis" placeholder="PLZ">
</div>
<div class="groesse">
<input class="input" type="text" size=10 name="groesse" placeholder="Ort">
</div>
</div>
<div class="umzug_wrapper">
<h3>Umzug nach</h3>
<div class="wohnort">
<input class="input" type="text" size=20 name="ort" placeholder="Straße, Hausnummer">
</div>
<div class="clearfix"></div>
<div class="preis">
<input class="input" type="text" size=10 name="preis" placeholder="PLZ">
</div>
<div class="groesse">
<input class="input" type="text" size=10 name="groesse" placeholder="Ort">
</div>
</div>
<input class="button" type="submit" name="submit" value="Suche" style="position:relative; top:87px; right:1px;">
</form>
</div>
</div>
<br>
<br>
<?php
// $host = "localhost";
// $user = "root";
// $password = "";
// $database_name = "wohnen";
// $pdo = new PDO("mysql:host=$host;dbname=$database_name", $user, $password, array(
// PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION
// ));
$search=$_POST['groesse'];
$search=$_POST['preis'];
$search=$_POST['ort'];
$query = $pdo->prepare("select * from wohnung_mieten where groesse LIKE '%$search%' OR preis LIKE '%$search%' OR ort LIKE '%$search%' LIMIT 0 , 10");
$query->bindValue(2, "%$search%", PDO::PARAM_INT);
$query->bindValue(3, "%$search%", PDO::PARAM_STR);
$query->bindValue(4, "%$search%", PDO::PARAM_STR);
$query->execute();
if (isset($_POST['ort'])
or isset($_POST['groesse'])
or isset($_POST['preis'])
) {
echo "Suchergebnisse :<br/>";
echo "<table style=\"font-family:arial;color:#333333;\">";
echo "<tr><td style=\"border:solid 1px rgb(107, 217, 79);background:rgb(107, 217, 79);\">Wohnort</td><td style=\"border:solid 1px rgb(107, 217, 79);background:rgb(107, 217, 79);\">Größe</td><td style=\"border:solid 1px rgb(107, 217, 79);background:rgb(107, 217, 79);\">Zimmer</td><td style=\"border:solid 1px rgb(107, 217, 79);background:rgb(107, 217, 79);\">Preis</td></tr>";
while ($results = $query->fetch()) {
echo "<tr><td style=\"border:solid 1px rgb(107, 217, 79);\"><a href='#'>";
echo $results['ort'];
echo "</a></td><td style=\"border:solid 1px rgb(107, 217, 79);\">";
echo $results['groesse'];
echo "</td><td style=\"border:solid 1px rgb(107, 217, 79);\">";
echo $results['zimmer'];
echo "</td><td style=\"border:solid 1px rgb(107, 217, 79);\">";
echo "€ " .$results['preis'];
echo "</td></tr>";
}
echo "</table>";
}
else {
echo "<p style=\"color:#E82000;\">keine Ergebnisse</p>"; }
?>
</section>
<section id="login">
<h2><a href="#login">Login</a></h2>
<div class="inhalt">
<h3>Login</h3>
<p>Noch nicht dabei? Dann schnell <a href="#regi">Registrieren</a></p>
<?php
if(isset($errorMessage)) {
echo $errorMessage;
}
?>
<form action="?login=1" method="post">
<div class="login">
E-Mail:
<br>
<input class="input" type="email" size="40" maxlength="250" name="email">
<br> Dein Passwort:
<br>
<input class="input" type="password" size="40" maxlength="250" name="passwort">
<br>
</div>
<input class="button" type="submit" value="Anmelden" style="position:relative; top:22px; right:-40px;">
</form>
</div>
</section>
<section id="regi">
<h2><a href="#regi">Registratur</a></h2>
<div class="inhalt">
<?php
$showFormular = true;
if(isset($_GET['register'])) {
$error = false;
$vorname = $_POST['vorname'];
$nachname = $_POST['nachname'];
$email = $_POST['email'];
$passwort = $_POST['passwort'];
$passwort2 = $_POST['passwort2'];
if(!filter_var($email, FILTER_VALIDATE_EMAIL)) {
echo '<<h4 style=\"color:#E82000; position:absolute; top:450px; left:660px;\">Bitte eine gültige E-Mail-Adresse eingeben</h4>';
$error = true;
}
if(strlen($passwort) == 0) {
echo '<<h4 style=\"color:#E82000; position:absolute; top:450px; left:660px;\">Bitte ein Passwort angeben</h4>';
$error = true;
}
if($passwort != $passwort2) {
echo "<h4 style=\"color:#E82000; position:absolute; top:450px; left:660px;\">Die Passwörter müssen übereinstimmen</h4>";
$error = true;
}
if(!$error) {
$statement = $pdo->prepare("SELECT * FROM users WHERE email = :email");
$result = $statement->execute(array('email' => $email));
$user = $statement->fetch();
if($user !== false) {
echo '<<h4 style=\"color:#E82000; position:absolute; top:450px; left:660px;\">Diese E-Mail-Adresse ist bereits vergeben</h4>';
$error = true;
}
}
if(!$error) {
$passwort_hash = password_hash($passwort, PASSWORD_DEFAULT);
$statement = $pdo->prepare("INSERT INTO users (email, passwort, vorname, nachname) VALUES (:email, :passwort, :vorname, :nachname)");
$result = $statement->execute(array('email' => $email, 'passwort' => $passwort_hash, 'vorname' => $vorname, 'nachname' => $nachname));
if($result) {
echo '<p>Du wurdest erfolgreich registriert. <a href="#login">Zum Login</a></p>';
$showFormular = false;
} else {
echo '<<h4 style=\"color:#E82000; position:absolute; top:450px; left:660px;\">Beim Abspeichern ist leider ein Fehler aufgetreten</h4>';
}
}
}
if($showFormular) {
?>
<form action="?register=1" method="post">
<div style="float:left;">
<p style="margin:10px 0 0 0;">Vorname:</p>
<input class="input" type="text" size="40" maxlength="250" name="vorname">
<p style="margin:10px 0 0 0;">Nachame:</p>
<input class="input" type="text" size="40" maxlength="250" name="nachname">
<p style="margin:10px 0 0 0;">E-Mail:</p>
<input class="input" type="email" size="40" maxlength="250" name="email">
</div>
<div class="clearfix"></div>
<div style="float:right; position:relative; bottom:193px; margin:0 10px 0 0;">
<p style="margin:10px 0 0 0;">Dein Passwort:</p>
<input class="input" type="password" size="40" maxlength="250" name="passwort">
<p style="margin:10px 0 0 0;">Passwort wiederholen:</p>
<input class="input" type="password" size="40" maxlength="250" name="passwort2">
<br>
<input class="button" type="submit" value="Abschicken" style="margin-top:25px;">
</div>
</form>
</div>
<?php
}
?>
</div>
</section>
</article>
</body>
</html>