Update 2 files

- /html/upload.php - /html/login.php
2024-03-07 01:31:31 +00:00 · 2024-03-07 01:31:31 +00:00 · d3a589e103
commit d3a589e103
parent a709c9d447
2 changed files with 5 additions and 5 deletions
--- a/html/login.php
+++ b/html/login.php
@ -12,8 +12,8 @@ if(isset($_POST['username']) && isset($_POST['password'])) {
        $bdd = connect($dbhost, $dbname, $dbuser, $dbpass);

        $req = $bdd->prepare("SELECT ID, username, email, display_name FROM admins WHERE (username = :username OR email = :username) AND password = :password");
-        $bdd->bindParam(':username', htmlspecialchars($_POST['username']));
-        $bdd->bindParam(':password', md5($_POST['password']));
+        $req->bindParam(':username', htmlspecialchars($_POST['username']));
+        $req->bindParam(':password', md5($_POST['password']));
        $req->execute();

        $resultat = $req->fetchAll(PDO::FETCH_ASSOC);
--- a/html/upload.php
+++ b/html/upload.php
@ -12,9 +12,9 @@ if(isset($_POST['title']) && isset($_FILES['file'])) {
    $destination = "../content/journal/" . $filename;
    $bdd = connect($dbhost, $dbname, $dbuser, $dbpass);
    $upload = $bdd->prepare("INSERT INTO articles (ID, titre, date, auteur) VALUES (:filename, :titre, :date, :auteur)");
-    $bdd->bindParam(':filename', $filename);
-    $bdd->bindParam(':titre', htmlspecialchars($_POST['titre']));
-    $bdd->bindParam(':auteur', $_SESSION['display_name']);
+    $upload->bindParam(':filename', $filename);
+    $upload->bindParam(':titre', htmlspecialchars($_POST['titre']));
+    $upload->bindParam(':auteur', $_SESSION['display_name']);
    if (isset($_POST['date']) && empty($_POST['date']) == false) {
        $bdd->bindParam(':date', htmlspecialchars($_POST['date']));
    } else {