siteWeb/sign_in.php

<!-- Traitement PHP -->
<?php 
/*
Faire de la sécurité et de l'optimisation
Ce code est pourri mais VRAIMENT
*/
$servername = 'mysql-serny-nsi.alwaysdata.net';
$username = 'serny-nsi';
$mdp = 'ecole9090*';

$bdd = new PDO('mysql:host=mysql-serny-nsi.alwaysdata.net;dbname=serny-nsi_main', $username, $mdp);

if (isset($_POST['submit'])) {
	if (isset($_POST["f_email"]) AND !empty($_POST["f_email"]) AND isset($_POST["f_password"]) AND !empty($_POST["f_password"])) {
		$password = htmlspecialchars($_POST['password']);
		$mail = htmlspecialchars($_POST['f_email']);
		
		$look = $bdd->prepare("SELECT * FROM membres WHERE email = :mail");
		$look->bindParam(":mail", $mail);
		$look->execute();
		$userexist = -1;
		$userexist = $look->rowCount();
		if ($userexist == 0) {
			$data = $look->fetch();
			var_dump($password,$data['password']);
			if (password_verify($password,$data['password'])) {
				$erreur = "Vous avez été correctement connecté.";
			} else {
				$erreur = "Les mots de passe ne correspondent pas.";
			}
		} else {
			$erreur = "Le mail utilisé est inconnu.";
		}
}
}
?>
<!DOCTYPE html>
<html lang="fr">

<head>
	<title>Conenxion</title>
	<meta charset="UTF-8">
	<link href="style/style_log.css" rel="stylesheet">
	<link rel="icon" type="image/x-icon" href="_content/favicon-32x32.png">
</head>

<body>
	<div class="log-area">
		<p>Connecte-toi pour accéder à plus de foncitonnalités</p>
		<form action="" method="POST">
			<div class="f_inputs">
				<div>
					<label for="f_email">Adresse mail : </label><input type="email" id="f_email" maxlength="70"
						placeholder="Adresse mail"
						name="f_email">
				</div>
				<div>
					<label for="f_password">Mot de passe : </label><input type="password" id="f_password" maxlength="40"
						placeholder="Mot de passe"
						name="f_password">
				</div>
			</div>
			<div class="buttons">
				<div class="sign_up">
					<a href="sign_up.html">Pas de compte ?</a>
				</div>
				<div class="sign_in">
					<input type="submit" name="submit" value="Se connecter" id="submit">
				</div>
			</div>
			<div>
				<?= $erreur ?>
			</div>
		</form>
	</div>
</body>

</html>
Lycee_fin_cour_15/11 3 years ago			`<!-- Traitement PHP -->`
			`<?php`
			`/*`
			`Faire de la sécurité et de l'optimisation`
			`Ce code est pourri mais VRAIMENT`
			`*/`
			`$servername = 'mysql-serny-nsi.alwaysdata.net';`
			`$username = 'serny-nsi';`
			`$mdp = 'ecole9090*';`

			`$bdd = new PDO('mysql:host=mysql-serny-nsi.alwaysdata.net;dbname=serny-nsi_main', $username, $mdp);`

			`if (isset($_POST['submit'])) {`
			`if (isset($_POST["f_email"]) AND !empty($_POST["f_email"]) AND isset($_POST["f_password"]) AND !empty($_POST["f_password"])) {`
			`$password = htmlspecialchars($_POST['password']);`
			`$mail = htmlspecialchars($_POST['f_email']);`

			`$look = $bdd->prepare("SELECT * FROM membres WHERE email = :mail");`
			`$look->bindParam(":mail", $mail);`
			`$look->execute();`
			`$userexist = -1;`
			`$userexist = $look->rowCount();`
			`if ($userexist == 0) {`
			`$data = $look->fetch();`
			`var_dump($password,$data['password']);`
			`if (password_verify($password,$data['password'])) {`
			`$erreur = "Vous avez été correctement connecté.";`
			`} else {`
			`$erreur = "Les mots de passe ne correspondent pas.";`
			`}`
			`} else {`
			`$erreur = "Le mail utilisé est inconnu.";`
			`}`
			`}`
			`}`
			`?>`
			`<!DOCTYPE html>`
			`<html lang="fr">`

			`<head>`
			`<title>Conenxion</title>`
			`<meta charset="UTF-8">`
			`<link href="style/style_log.css" rel="stylesheet">`
			`<link rel="icon" type="image/x-icon" href="_content/favicon-32x32.png">`
			`</head>`

			`<body>`
			`<div class="log-area">`
			`<p>Connecte-toi pour accéder à plus de foncitonnalités</p>`
			`<form action="" method="POST">`
			`<div class="f_inputs">`
			`<div>`
			`<label for="f_email">Adresse mail : </label><input type="email" id="f_email" maxlength="70"`
			`placeholder="Adresse mail"`
			`name="f_email">`
			`</div>`
			`<div>`
			`<label for="f_password">Mot de passe : </label><input type="password" id="f_password" maxlength="40"`
			`placeholder="Mot de passe"`
			`name="f_password">`
			`</div>`
			`</div>`
			`<div class="buttons">`
			`<div class="sign_up">`
			`<a href="sign_up.html">Pas de compte ?</a>`
			`</div>`
			`<div class="sign_in">`
			`<input type="submit" name="submit" value="Se connecter" id="submit">`
			`</div>`
			`</div>`
			`<div>`
			`<?= $erreur ?>`
			`</div>`
			`</form>`
			`</div>`
			`</body>`

			`</html>`