login should work now

threadr/userhome/index.php

@@ -1,3 +1,25 @@
+<?php
+session_start();
+//Todo: make this a setting for users that use VPNs/Proxies and seem to jump around the world rather quickly...
+if ($_SESSION['user_ip']!=$_SERVER['REMOTE_ADDR']){
+  // force logout
+  $_SESSION = array();
+  if (ini_get("session.use_cookies")) {
+    $params = session_get_cookie_params();
+    setcookie(session_name(), '', time() - 42000, $params["path"], $params["domain"], $params["secure"], $params["httponly"]);
+  }
+  session_destroy();
+  header("Location: https://lostcave.ddnss.de/common/threadr/login/?error=session");
+  die();
+}
+
+$pdo = new PDO('mysql:host=localhost;dbname=web', 'webstuff', 'Schei// auf Pa$$w0rter!');
+$statement = $pdo->prepare('SELECT name FROM users WHERE id = :user_id;'); // to be replaced with optional user name off the user data table
+$result = $statement->execute(array('user_id' => $_SESSION['user_id']));
+$dbentry = $statement->fetch();
+$username = $dbentry['name'];
+?>
+<!DOCTYPE html>
 <html>
   <head>
     <title>ThreadR</title>
@@ -17,8 +39,7 @@
       <center><h1>ThreadR</h1></center>
     </div>
     <div class="item-2">
-      <center><h3><?php $username = $_POST['name'];
+      <center><h3><?php echo "Welcome back, $username !";?> </h3></center>
-        echo "Welcome back, $username !";?> </h3></center>
     </div>
   </div>
 </html>