Ce site est disponible à l'adresse suivante : https://serny-nsi.alwaysdata.net/ https://serny-nsi.alwaysdata.net/
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 

157 lines
4.4 KiB

<<<<<<< HEAD
<!-- Traitement PHP -->
<?php
$servername = 'mysql-serny-nsi.alwaysdata.net';
$username = 'serny-nsi';
$mdp = 'ecole9090*';
$bdd = new PDO('mysql:host=mysql-serny-nsi.alwaysdata.net;dbname=serny-nsi_main', $username, $mdp);
if (isset($_POST['submit'])) {
$response ="here2";
if (isset($_POST['f_email']) AND !empty($_POST['f_email']) AND isset($_POST['f_password']) AND !empty($_POST['f_password'])) {
$email = htmlspecialchars($_POST['f_email']);
$password = htmlspecialchars($_POST['f_password']);
$look = $bdd->prepare("SELECT * FROM membres WHERE mail = ?");
$look->execute(array($email));
$check = $look->fetch();
var_dump($check['password']);
var_dump($password);
var_dump(password_verify($password, $check['password']));
$response ="here";
if ($check['mail'] != $email) {
$response = "Ce compte n'existe pas.";
}
else {
if (password_verify($password, $check['password'])) {
$response = "Vous êtes maintenant connecté.";
header('location: https://serny-nsi.alwaysdata.net');
} else {
$response = "Le mot de passe n'est pas valide.";
}
}
} else {
$response ="Veuillez remplir les champs ci-dessus.";
}
}
?>
<!DOCTYPE html>
<html lang="fr">
<head>
<title>Conenxion</title>
<meta charset="UTF-8">
<link href="style/style_log.css" rel="stylesheet">
<link rel="icon" type="image/x-icon" href="_content/favicon-32x32.png">
</head>
<body>
<div class="log-area">
<p>Connecte-toi pour accéder à plus de foncitonnalités</p>
<form action="" method="POST">
<div class="f_inputs">
<div>
<label for="f_email">Adresse mail : </label><input type="email" name="f_email" id="f_email" maxlength="70"
placeholder="Adresse mail">
</div>
<div>
<label for="f_password">Mot de passe : </label><input type="password" name="f_password" id="f_password" maxlength="40"
placeholder="Mot de passe">
</div>
</div>
<div class="buttons">
<div class="sign_up">
<a href="sign_up.php">Pas de compte ?</a>
</div>
<div class="sign_in">
<input type="submit" name="submit" value="Se connecter" id="submit">
</div>
</div>
<p><?= $response ?></p>
</form>
</div>
</body>
=======
<!-- Traitement PHP -->
<?php
/*
Faire de la sécurité et de l'optimisation
Ce code est pourri mais VRAIMENT
*/
$servername = 'mysql-serny-nsi.alwaysdata.net';
$username = 'serny-nsi';
$mdp = 'ecole9090*';
$bdd = new PDO('mysql:host=mysql-serny-nsi.alwaysdata.net;dbname=serny-nsi_main', $username, $mdp);
if (isset($_POST['submit'])) {
if (isset($_POST["f_email"]) AND !empty($_POST["f_email"]) AND isset($_POST["f_password"]) AND !empty($_POST["f_password"])) {
$password = htmlspecialchars($_POST['password']);
$mail = htmlspecialchars($_POST['f_email']);
$look = $bdd->prepare("SELECT * FROM membres WHERE email = :mail");
$look->bindParam(":mail", $mail);
$look->execute();
$userexist = -1;
$userexist = $look->rowCount();
if ($userexist == 0) {
$data = $look->fetch();
var_dump($password,$data['password']);
if (password_verify($password,$data['password'])) {
$erreur = "Vous avez été correctement connecté.";
} else {
$erreur = "Les mots de passe ne correspondent pas.";
}
} else {
$erreur = "Le mail utilisé est inconnu.";
}
}
}
?>
<!DOCTYPE html>
<html lang="fr">
<head>
<title>Conenxion</title>
<meta charset="UTF-8">
<link href="style/style_log.css" rel="stylesheet">
<link rel="icon" type="image/x-icon" href="_content/favicon-32x32.png">
</head>
<body>
<div class="log-area">
<p>Connecte-toi pour accéder à plus de foncitonnalités</p>
<form action="" method="POST">
<div class="f_inputs">
<div>
<label for="f_email">Adresse mail : </label><input type="email" id="f_email" maxlength="70"
placeholder="Adresse mail"
name="f_email">
</div>
<div>
<label for="f_password">Mot de passe : </label><input type="password" id="f_password" maxlength="40"
placeholder="Mot de passe"
name="f_password">
</div>
</div>
<div class="buttons">
<div class="sign_up">
<a href="sign_up.html">Pas de compte ?</a>
</div>
<div class="sign_in">
<input type="submit" name="submit" value="Se connecter" id="submit">
</div>
</div>
<div>
<?= $erreur ?>
</div>
</form>
</div>
</body>
>>>>>>> 24db56327fed9097898d28c291f7d01a5d9802b1
</html>