siteWeb/sign_in.php

<<<<<<< HEAD
<!-- Traitement PHP -->
<?php 

$servername = 'mysql-serny-nsi.alwaysdata.net';
$username = 'serny-nsi';
$mdp = 'ecole9090*';

$bdd = new PDO('mysql:host=mysql-serny-nsi.alwaysdata.net;dbname=serny-nsi_main', $username, $mdp);


if (isset($_POST['submit'])) {
	$response ="here2";
  if (isset($_POST['f_email']) AND !empty($_POST['f_email']) AND isset($_POST['f_password']) AND !empty($_POST['f_password'])) {
    $email = htmlspecialchars($_POST['f_email']);
    $password = htmlspecialchars($_POST['f_password']);
    $look = $bdd->prepare("SELECT * FROM membres WHERE mail = ?");
    $look->execute(array($email));
	$check = $look->fetch();
	var_dump($check['password']);
	var_dump($password);
	var_dump(password_verify($password, $check['password']));
	$response ="here";
    if ($check['mail'] != $email) {
	  $response = "Ce compte n'existe pas.";
    }
    else {
      if (password_verify($password, $check['password'])) {
        $response = "Vous êtes maintenant connecté.";
        header('location: https://serny-nsi.alwaysdata.net');
        } else {
        $response = "Le mot de passe n'est pas valide.";
      }
    }
  } else {
  $response ="Veuillez remplir les champs ci-dessus.";
  }
} 

?>
<!DOCTYPE html>
<html lang="fr">

<head>
	<title>Conenxion</title>
	<meta charset="UTF-8">
	<link href="style/style_log.css" rel="stylesheet">
	<link rel="icon" type="image/x-icon" href="_content/favicon-32x32.png">
</head>

<body>
	<div class="log-area">
		<p>Connecte-toi pour accéder à plus de foncitonnalités</p>
		<form action="" method="POST">
			<div class="f_inputs">
				<div>
					<label for="f_email">Adresse mail : </label><input type="email" name="f_email" id="f_email" maxlength="70"
						placeholder="Adresse mail">
				</div>
				<div>
					<label for="f_password">Mot de passe : </label><input type="password" name="f_password" id="f_password" maxlength="40"
						placeholder="Mot de passe">
				</div>
			</div>
			<div class="buttons">
				<div class="sign_up">
					<a href="sign_up.php">Pas de compte ?</a>
				</div>
				<div class="sign_in">
					<input type="submit" name="submit" value="Se connecter" id="submit">
				</div>
			</div>
			<p><?= $response ?></p>
		</form>
	</div>
</body>

=======
<!-- Traitement PHP -->
<?php 
/*
Faire de la sécurité et de l'optimisation
Ce code est pourri mais VRAIMENT
*/
$servername = 'mysql-serny-nsi.alwaysdata.net';
$username = 'serny-nsi';
$mdp = 'ecole9090*';

$bdd = new PDO('mysql:host=mysql-serny-nsi.alwaysdata.net;dbname=serny-nsi_main', $username, $mdp);

if (isset($_POST['submit'])) {
	if (isset($_POST["f_email"]) AND !empty($_POST["f_email"]) AND isset($_POST["f_password"]) AND !empty($_POST["f_password"])) {
		$password = htmlspecialchars($_POST['password']);
		$mail = htmlspecialchars($_POST['f_email']);
		
		$look = $bdd->prepare("SELECT * FROM membres WHERE email = :mail");
		$look->bindParam(":mail", $mail);
		$look->execute();
		$userexist = -1;
		$userexist = $look->rowCount();
		if ($userexist == 0) {
			$data = $look->fetch();
			var_dump($password,$data['password']);
			if (password_verify($password,$data['password'])) {
				$erreur = "Vous avez été correctement connecté.";
			} else {
				$erreur = "Les mots de passe ne correspondent pas.";
			}
		} else {
			$erreur = "Le mail utilisé est inconnu.";
		}
}
}
?>
<!DOCTYPE html>
<html lang="fr">

<head>
	<title>Conenxion</title>
	<meta charset="UTF-8">
	<link href="style/style_log.css" rel="stylesheet">
	<link rel="icon" type="image/x-icon" href="_content/favicon-32x32.png">
</head>

<body>
	<div class="log-area">
		<p>Connecte-toi pour accéder à plus de foncitonnalités</p>
		<form action="" method="POST">
			<div class="f_inputs">
				<div>
					<label for="f_email">Adresse mail : </label><input type="email" id="f_email" maxlength="70"
						placeholder="Adresse mail"
						name="f_email">
				</div>
				<div>
					<label for="f_password">Mot de passe : </label><input type="password" id="f_password" maxlength="40"
						placeholder="Mot de passe"
						name="f_password">
				</div>
			</div>
			<div class="buttons">
				<div class="sign_up">
					<a href="sign_up.html">Pas de compte ?</a>
				</div>
				<div class="sign_in">
					<input type="submit" name="submit" value="Se connecter" id="submit">
				</div>
			</div>
			<div>
				<?= $erreur ?>
			</div>
		</form>
	</div>
</body>

>>>>>>> 24db56327fed9097898d28c291f7d01a5d9802b1
</html>
test 3 years ago			`<<<<<<< HEAD`
test 3 years ago			`<!-- Traitement PHP -->`
			`<?php`

			`$servername = 'mysql-serny-nsi.alwaysdata.net';`
			`$username = 'serny-nsi';`
			`$mdp = 'ecole9090*';`

			`$bdd = new PDO('mysql:host=mysql-serny-nsi.alwaysdata.net;dbname=serny-nsi_main', $username, $mdp);`


			`if (isset($_POST['submit'])) {`
			`$response ="here2";`
			`if (isset($_POST['f_email']) AND !empty($_POST['f_email']) AND isset($_POST['f_password']) AND !empty($_POST['f_password'])) {`
			`$email = htmlspecialchars($_POST['f_email']);`
			`$password = htmlspecialchars($_POST['f_password']);`
			`$look = $bdd->prepare("SELECT * FROM membres WHERE mail = ?");`
			`$look->execute(array($email));`
			`$check = $look->fetch();`
			`var_dump($check['password']);`
			`var_dump($password);`
			`var_dump(password_verify($password, $check['password']));`
			`$response ="here";`
			`if ($check['mail'] != $email) {`
			`$response = "Ce compte n'existe pas.";`
			`}`
			`else {`
			`if (password_verify($password, $check['password'])) {`
			`$response = "Vous êtes maintenant connecté.";`
			`header('location: https://serny-nsi.alwaysdata.net');`
			`} else {`
			`$response = "Le mot de passe n'est pas valide.";`
			`}`
			`}`
			`} else {`
			`$response ="Veuillez remplir les champs ci-dessus.";`
			`}`
			`}`

			`?>`
			`<!DOCTYPE html>`
			`<html lang="fr">`

			`<head>`
			`<title>Conenxion</title>`
			`<meta charset="UTF-8">`
			`<link href="style/style_log.css" rel="stylesheet">`
			`<link rel="icon" type="image/x-icon" href="_content/favicon-32x32.png">`
			`</head>`

			`<body>`
			`<div class="log-area">`
			`<p>Connecte-toi pour accéder à plus de foncitonnalités</p>`
			`<form action="" method="POST">`
			`<div class="f_inputs">`
			`<div>`
			`<label for="f_email">Adresse mail : </label><input type="email" name="f_email" id="f_email" maxlength="70"`
			`placeholder="Adresse mail">`
			`</div>`
			`<div>`
			`<label for="f_password">Mot de passe : </label><input type="password" name="f_password" id="f_password" maxlength="40"`
			`placeholder="Mot de passe">`
			`</div>`
			`</div>`
			`<div class="buttons">`
			`<div class="sign_up">`
			`<a href="sign_up.php">Pas de compte ?</a>`
			`</div>`
			`<div class="sign_in">`
			`<input type="submit" name="submit" value="Se connecter" id="submit">`
			`</div>`
			`</div>`
			`<p><?= $response ?></p>`
			`</form>`
			`</div>`
			`</body>`

test 3 years ago			`=======`
Lycee_fin_cour_15/11 3 years ago			`<!-- Traitement PHP -->`
			`<?php`
			`/*`
			`Faire de la sécurité et de l'optimisation`
			`Ce code est pourri mais VRAIMENT`
			`*/`
			`$servername = 'mysql-serny-nsi.alwaysdata.net';`
			`$username = 'serny-nsi';`
			`$mdp = 'ecole9090*';`

			`$bdd = new PDO('mysql:host=mysql-serny-nsi.alwaysdata.net;dbname=serny-nsi_main', $username, $mdp);`

			`if (isset($_POST['submit'])) {`
			`if (isset($_POST["f_email"]) AND !empty($_POST["f_email"]) AND isset($_POST["f_password"]) AND !empty($_POST["f_password"])) {`
			`$password = htmlspecialchars($_POST['password']);`
			`$mail = htmlspecialchars($_POST['f_email']);`

			`$look = $bdd->prepare("SELECT * FROM membres WHERE email = :mail");`
			`$look->bindParam(":mail", $mail);`
			`$look->execute();`
			`$userexist = -1;`
			`$userexist = $look->rowCount();`
			`if ($userexist == 0) {`
			`$data = $look->fetch();`
			`var_dump($password,$data['password']);`
			`if (password_verify($password,$data['password'])) {`
			`$erreur = "Vous avez été correctement connecté.";`
			`} else {`
			`$erreur = "Les mots de passe ne correspondent pas.";`
			`}`
			`} else {`
			`$erreur = "Le mail utilisé est inconnu.";`
			`}`
			`}`
			`}`
			`?>`
			`<!DOCTYPE html>`
			`<html lang="fr">`

			`<head>`
			`<title>Conenxion</title>`
			`<meta charset="UTF-8">`
			`<link href="style/style_log.css" rel="stylesheet">`
			`<link rel="icon" type="image/x-icon" href="_content/favicon-32x32.png">`
			`</head>`

			`<body>`
			`<div class="log-area">`
			`<p>Connecte-toi pour accéder à plus de foncitonnalités</p>`
			`<form action="" method="POST">`
			`<div class="f_inputs">`
			`<div>`
			`<label for="f_email">Adresse mail : </label><input type="email" id="f_email" maxlength="70"`
			`placeholder="Adresse mail"`
			`name="f_email">`
			`</div>`
			`<div>`
			`<label for="f_password">Mot de passe : </label><input type="password" id="f_password" maxlength="40"`
			`placeholder="Mot de passe"`
			`name="f_password">`
			`</div>`
			`</div>`
			`<div class="buttons">`
			`<div class="sign_up">`
			`<a href="sign_up.html">Pas de compte ?</a>`
			`</div>`
			`<div class="sign_in">`
			`<input type="submit" name="submit" value="Se connecter" id="submit">`
			`</div>`
			`</div>`
			`<div>`
			`<?= $erreur ?>`
			`</div>`
			`</form>`
			`</div>`
			`</body>`

test 3 years ago			`>>>>>>> 24db56327fed9097898d28c291f7d01a5d9802b1`
test 3 years ago			`</html>`