diff --git a/app/public/html/header.html b/app/public/html/header.html
index 5d22b73..fb060ee 100644
--- a/app/public/html/header.html
+++ b/app/public/html/header.html
@@ -14,6 +14,7 @@
                 Punktesystem-KSP
             </div>
         <nav>
+            <a href="logout.php">logout</a>
             <a href="index.php">Home</a>
             <a href="mannschaft.php">Mannschaftsverwaltung</a>
             <a href="stationen.php">Stationen</a>
diff --git a/app/public/index.php b/app/public/index.php
index 6879d66..5f07997 100644
--- a/app/public/index.php
+++ b/app/public/index.php
@@ -1,4 +1,13 @@
-<?php echo file_get_contents("html/header.html"); ?>
+<?php
+    session_start();
+    include("../scripts/connection.php");
+    include("../scripts/functions.php");
+
+    $user_data = check_login($con);
+
+    echo file_get_contents("html/header.html"); 
+?>
+
 <body>
 <h1><span>Punktesystem Kreispokalwettbewerb Altdorf</span></h1>
     <p>test</p>
diff --git a/app/public/login.php b/app/public/login.php
new file mode 100644
index 0000000..f63348a
--- /dev/null
+++ b/app/public/login.php
@@ -0,0 +1,42 @@
+<?php
+    session_start();
+    include("../scripts/connection.php");
+    include("../scripts/functions.php");
+
+    if($_SERVER['REQUEST_METHOD'] == "POST"){
+        $user_name = $_POST['user_name'];
+        $password = $_POST['password'];
+
+        if(!empty($user_name) && !empty($password)) {
+            $user_data = get_user_data_name($con, $user_name);
+            $phash = generate_password_hash($password, $user_data['salt']);
+            if($user_data['password'] === $phash) {
+                $_SESSION['user_id'] = $user_data['user_id'];
+                header("Location: index.php");
+                die;
+            } else {
+                echo "Benutzername oder Passwort stimmen nicht";
+            }
+        } else {
+            echo "Gib bitte gültige Daten ein!";
+        }
+    }
+?>
+
+<!DOCTYPE html>
+<html lang="de">
+<head>
+    <meta charset="UTF-8">
+    <meta http-equiv="X-UA-Compatible" content="IE=edge">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Punktesystem-KSP</title>
+</head>
+<body>
+    <form method="post">
+        <input type="text" name="user_name"><br><br>
+        <input type="password" name="password"><br><br>
+
+        <input id="button" type="submit" value="Login"><br><br>
+    </form>    
+</body>
+</html>
\ No newline at end of file
diff --git a/app/public/logout.php b/app/public/logout.php
new file mode 100644
index 0000000..86c6570
--- /dev/null
+++ b/app/public/logout.php
@@ -0,0 +1,9 @@
+<?php
+session_start();
+
+if(isset($_SESSION['user_id'])) {
+    unset($_SESSION['user_id']);
+}
+
+header("Location: login.php");
+die;
\ No newline at end of file
diff --git a/app/public/mannschaft.php b/app/public/mannschaft.php
index ca3b613..8590566 100644
--- a/app/public/mannschaft.php
+++ b/app/public/mannschaft.php
@@ -1,3 +1,10 @@
-<!DOCTYPE html>
-<?php echo file_get_contents("html/header.html"); ?>
+<?php
+    session_start();
+    
+    include("../scripts/connection.php");
+    include("../scripts/functions.php");
+    $user_data = check_login($con);
+    
+    echo file_get_contents("html/header.html"); 
+?>
 <?php echo file_get_contents("html/footer.html"); ?>
\ No newline at end of file
diff --git a/app/public/stationen.php b/app/public/stationen.php
index ca3b613..8590566 100644
--- a/app/public/stationen.php
+++ b/app/public/stationen.php
@@ -1,3 +1,10 @@
-<!DOCTYPE html>
-<?php echo file_get_contents("html/header.html"); ?>
+<?php
+    session_start();
+    
+    include("../scripts/connection.php");
+    include("../scripts/functions.php");
+    $user_data = check_login($con);
+    
+    echo file_get_contents("html/header.html"); 
+?>
 <?php echo file_get_contents("html/footer.html"); ?>
\ No newline at end of file
diff --git a/app/public/statistik.php b/app/public/statistik.php
index ca3b613..8590566 100644
--- a/app/public/statistik.php
+++ b/app/public/statistik.php
@@ -1,3 +1,10 @@
-<!DOCTYPE html>
-<?php echo file_get_contents("html/header.html"); ?>
+<?php
+    session_start();
+    
+    include("../scripts/connection.php");
+    include("../scripts/functions.php");
+    $user_data = check_login($con);
+    
+    echo file_get_contents("html/header.html"); 
+?>
 <?php echo file_get_contents("html/footer.html"); ?>
\ No newline at end of file
diff --git a/app/scripts/connection.php b/app/scripts/connection.php
new file mode 100644
index 0000000..525b839
--- /dev/null
+++ b/app/scripts/connection.php
@@ -0,0 +1,15 @@
+<?php
+
+$dbhost = "mysql";
+$dbuser = "grisu";
+$dbpass = "secret";
+$dbname = "ksp";
+
+try {
+    $con = new PDO("mysql:host=$dbhost;dbname=$dbname", $dbuser, $dbpass);
+    $con->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
+    $con->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+} catch(PDOExeption $e) {
+    print "Error!: " . $e->getMessage() . "<br/>";
+    die();
+}
\ No newline at end of file
diff --git a/app/scripts/database_queries.php b/app/scripts/database_queries.php
index 1f7efef..158e19a 100644
--- a/app/scripts/database_queries.php
+++ b/app/scripts/database_queries.php
@@ -1,5 +1,10 @@
 <?php
 
+function handle_pdo_exception($e) {
+    print "Error!: " . $e->getMessage() . "<br/>";
+    die();
+}
+
 function get_Station() {
     try {
         $dbh = new PDO('mysql:host=mysql;dbname=ksp', 'grisu', 'secret');
@@ -8,9 +13,53 @@ function get_Station() {
         }
         $dbh = null;
     } catch(PDOException $e) {
-        print "Error!: " . $e->getMessage() . "<br/>";
-        die();
+        handle_pdo_exception($e);
     }
 }
 
-?>
\ No newline at end of file
+function check_user_id($con, $user_id) {
+    try {
+        $stmt = $con->prepare('SELECT user_id FROM users WHERE user_id = :user_id limit 1');
+        $stmt->execute(['user_id' => $user_id]);
+
+        if($stmt) {
+            return true;
+        } else {
+            return false;
+        }
+    } catch(PDOException $e) {
+        handle_pdo_exception($e);
+    }
+}
+
+function get_user_data_name($con, $user_name) {
+    try {
+        $stmt = $con->prepare('SELECT * FROM users WHERE user_name = :user_name limit 1');
+        $stmt->execute(['user_name' => $user_name]);
+        $stmt->setFetchMode(PDO::FETCH_ASSOC);
+        return $stmt->fetch();
+    } catch(PDOException $e) {
+        handle_pdo_exception($e);
+    }
+}
+
+function get_user_data_id($con, $user_id) {
+    try {
+        $stmt = $con->prepare('SELECT * FROM users WHERE user_id = :user_id limit 1');
+        $stmt->execute(['user_id' => $user_id]);
+        $stmt->setFetchMode(PDO::FETCH_ASSOC);
+        return $stmt->fetch();
+    } catch(PDOException $e) {
+        handle_pdo_exception($e);
+    }
+}
+
+function add_user($con, $username, $user_id, $user_group, $password, $salt) {
+    try {
+        $stmt = $con->prepare("INSERT INTO users (user_id, password, user_name, salt, user_group) VALUES (?, ?, ?, ?, ?)");
+        $stmt->bind_param("sssss", $user_id, $password, $username, $salt, $user_group);
+        $stmt->execute();        
+    } catch(PDOExeption $e) {
+        handle_pdo_exception($e);
+    }   
+}
\ No newline at end of file
diff --git a/app/scripts/functions.php b/app/scripts/functions.php
new file mode 100644
index 0000000..98aec26
--- /dev/null
+++ b/app/scripts/functions.php
@@ -0,0 +1,34 @@
+<?php
+
+include("database_queries.php");
+
+function check_login($con) {
+    
+    if(isset($_SESSION['user_id'])) {
+        
+        $id = $_SESSION['user_id'];
+        if(check_user_id($con, $id)) {
+            return get_user_data_id($con, $id);
+        } else {
+            header("Location: login.php");
+            die;
+        }
+    } else {
+        header("Location: login.php");
+        die;
+    }
+}
+
+function generate_salt() {
+    return substr(bin2hex(random_bytes(128)), 0, 128);
+}
+
+function generate_user_id($username, $salt) {
+    $uname = $username . $salt;
+    return hash('sha3-512', $uname);
+}
+
+function generate_password_hash($password, $salt) {
+    $pword = $password . $salt;
+    return hash('sha3-512', $pword);
+}
\ No newline at end of file