diff --git a/pages/login.php b/pages/login.php
index 6ff8078..9fc90df 100644
--- a/pages/login.php
+++ b/pages/login.php
@@ -15,36 +15,28 @@ $HTML->ReplaceLayoutInhalt("%%LOGINMESSAGE%%", "Bitte gebe Benutzername (Vor- und Nachname) und Passwort ein."); } else { - $statementUser = $RUNTIME['PDO']->prepare("SELECT PrincipalID,FirstName,LastName,Email,UserLevel FROM UserAccounts WHERE FirstName = ? AND LastName = ? LIMIT 1"); - $statementUser->execute(explode(" ", trim($_POST['username']))); + $statementUser = $RUNTIME['PDO']->prepare("SELECT PrincipalID,FirstName,LastName,Email,UserLevel,passwordHash,passwordSalt FROM UserAccounts JOIN auth ON UserAccounts.PrincipalID = auth.UUID WHERE FirstName = ? AND LastName = ? LIMIT 1"); + $statementUser->execute(explode(" ", trim($_POST['username']))); + $res = ['passwordHash' => '', 'passwordSalt' => '']; - while($rowUser = $statementUser->fetch()) - { - $statementAuth = $RUNTIME['PDO']->prepare("SELECT passwordHash,passwordSalt FROM auth WHERE UUID = ? LIMIT 1"); - $statementAuth->execute(array($rowUser['PrincipalID'])); - - $RUNTIME['DEBUG']['LOGIN']['UUID'] = $rowUser['PrincipalID']; + if($rowUser = $statementUser->fetch()) { + $res = $rowUser; + } - while($rowAuth = $statementAuth->fetch()) - { - if(md5(md5($_POST['password']).":".$rowAuth['passwordSalt']) == $rowAuth['passwordHash']) - { - session_unset(); // Unset pre-session variables, next request will generate a new CSRF token - $_SESSION['USERNAME'] = trim($_POST['username']); - $_SESSION['FIRSTNAME'] = trim($rowUser['FirstName']); - $_SESSION['LASTNAME'] = trim($rowUser['LastName']); - $_SESSION['EMAIL'] = trim($rowUser['Email']); - $_SESSION['PASSWORD'] = $rowAuth['passwordHash']; - $_SESSION['SALT'] = $rowAuth['passwordSalt']; - $_SESSION['UUID'] = $rowUser['PrincipalID']; - $_SESSION['LEVEL'] = $rowUser['UserLevel']; - $_SESSION['DISPLAYNAME'] = strtoupper($rowUser['FirstName'].' 
'.$rowUser['LastName']); - $_SESSION['LOGIN'] = 'true'; + if(hash_equals(md5(md5($_POST['password']).":".$res['passwordSalt']), $res['passwordHash'])) { + session_unset(); // Unset pre-session variables, next request will generate a new CSRF token + $_SESSION['FIRSTNAME'] = trim($rowUser['FirstName']); + $_SESSION['LASTNAME'] = trim($rowUser['LastName']); + $_SESSION['EMAIL'] = trim($rowUser['Email']); + $_SESSION['PASSWORD'] = $rowAuth['passwordHash']; + $_SESSION['SALT'] = $rowAuth['passwordSalt']; + $_SESSION['UUID'] = $rowUser['PrincipalID']; + $_SESSION['LEVEL'] = $rowUser['UserLevel']; + $_SESSION['DISPLAYNAME'] = strtoupper($rowUser['FirstName'].' '.$rowUser['LastName']); + $_SESSION['LOGIN'] = 'true'; - header("Location: index.php?page=dashboard"); - die(); - } - } + header("Location: index.php?page=dashboard"); + die(); } $HTML->ReplaceLayoutInhalt("%%LOGINMESSAGE%%", "Benutzername und/oder Passwort falsch."); @@ -55,15 +47,12 @@ $HTML->ReplaceLayoutInhalt('%%LOGINMESSAGE%%', $_SESSION['loginMessage']); $HTML->ReplaceLayoutInhalt('%%MESSAGECOLOR%%', $_SESSION['loginMessageColor']); unset($_SESSION['loginMessage']); + unset($_SESSION['loginMessageColor']); } - if(isset($_REQUEST['page']) && preg_match('/^[0-9a-zA-Z]{1-100}$/', $_REQUEST['page']) && file_exists("./pages/".$_REQUEST['page'].".php")) - $HTML->ReplaceLayoutInhalt("%%PAGENAME%%", urlencode($_REQUEST['page'])); - $HTML->ReplaceLayoutInhalt("%%LOGINMESSAGE%%", ""); $HTML->ReplaceLayoutInhalt("%%MESSAGECOLOR%%", "red"); $HTML->ReplaceLayoutInhalt("%%LASTUSERNAME%%", ""); - $HTML->ReplaceLayoutInhalt("%%PAGENAME%%", "dashboard"); $HTML->build(); echo $HTML->ausgabe(); diff --git a/pages/register.php b/pages/register.php index 93f74f7..3d57c0b 100644 --- a/pages/register.php +++ b/pages/register.php 
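Review bot: The session-population block still reads `$rowAuth['passwordHash']` and `$rowAuth['passwordSalt']`, but `$rowAuth` no longer exists once the inner auth loop is folded into the JOIN, so on every successful login `$_SESSION['PASSWORD']` and `$_SESSION['SALT']` are set to null (with undefined-variable warnings) rather than to the fetched values. Both values are already in `$res`, so the two lines should read `$_SESSION['PASSWORD'] = $res['passwordHash'];` and `$_SESSION['SALT'] = $res['passwordSalt'];` — or, if nothing downstream actually needs the hash and salt, drop them from the session entirely so the credentials are not carried around in session storage. hash_equals() documents the known string as its first argument, so `hash_equals($res['passwordHash'], md5(md5($_POST['password']).":".$res['passwordSalt']))` would follow that convention. The enclosing if/else starts before line 15 and is outside the hunk; note also that `explode(" ", trim($_POST['username']))` still binds a variable number of parameters, so a username without exactly one space makes `execute()` fail, which the commit leaves unchecked.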
@@ -135,7 +135,6 @@ } session_unset(); // Unset pre-session variables, next request will generate a new CSRF token - $_SESSION['USERNAME'] = trim($name); $_SESSION['FIRSTNAME'] = trim($nameParts[0]); $_SESSION['LASTNAME'] = trim($nameParts[1]); $_SESSION['EMAIL'] = $email; diff --git a/templates/login.html b/templates/login.html index a9176d6..f272fcd 100644 --- a/templates/login.html +++ b/templates/login.html @@ -22,7 +22,7 @@
-
+ Login