98 lines
3.3 KiB
PHP
Executable File
98 lines
3.3 KiB
PHP
Executable File
<?php
|
|
require("../../include/variables.php");
|
|
require("../../include/init.php");
|
|
require("../../include/main-functions.php");
|
|
require("../../include/inputs.php");
|
|
require("../../include/panels.php");
|
|
|
|
$pdo = sqlConnect($sqlDatabaseHost, $sqlDatabaseName, $sqlDatabaseUser, $sqlDatabasePass);
|
|
|
|
if (isset($_SESSION['userID'])) {
|
|
header("Location: /");
|
|
die("Vous êtes déjà connecté.");
|
|
}
|
|
|
|
if (isset($_POST['username']) && isset($_POST['password'])) {
|
|
|
|
if (empty($_POST['username']) == false && empty($_POST['password']) == false) {
|
|
|
|
if(preg_match('!\S!u', $_POST['username']) && preg_match('!\S!u', $_POST['password'])) {
|
|
|
|
$sqlRequest = "SELECT ID, username, display_name, role, accreditation FROM users WHERE (username = :username OR email = :username) AND password = :password";
|
|
$request = $pdo->prepare($sqlRequest);
|
|
$request->bindParam(":username", htmlspecialchars($_POST['username']));
|
|
$request->bindParam(":password", md5($_POST['password']));
|
|
$request->execute();
|
|
$result = $request->fetchAll(PDO::FETCH_ASSOC);
|
|
|
|
if ($result) {
|
|
|
|
$_SESSION['userID'] = $result[0]['ID'];
|
|
$_SESSION['userName'] = $result[0]['username'];
|
|
$_SESSION['userDisplayName'] = $result[0]['display_name'];
|
|
$_SESSION['userRole'] = $result[0]['role'];
|
|
$_SESSION['userAccreditation'] = $result[0]['accreditation'];
|
|
$redirectPage = isset($_GET['p']) ? $_GET['p'] : "";
|
|
header('Location: /' . $redirectPage);
|
|
exit("Login success");
|
|
|
|
} else {
|
|
$status = 'Identifiants incorrects';
|
|
}
|
|
} else {
|
|
$status = 'Caractères illégaux';
|
|
}
|
|
} else {
|
|
$status = 'Les champs ne doivent pas être vides';
|
|
}
|
|
}
|
|
|
|
?>
|
|
|
|
<!DOCTYPE html>
|
|
<html lang="fr">
|
|
|
|
<head>
|
|
<?php fillHead($rootPageURL, $pageTitle, $darkTheme, $lightTheme);?>
|
|
<style>
|
|
</style>
|
|
</head>
|
|
|
|
<body class="body">
|
|
|
|
<header>
|
|
<div class="panel-content">
|
|
<?php fillHeader($rootPageURL, $headerTitle, $headerSubtitle);?>
|
|
</div>
|
|
</header>
|
|
|
|
<nav>
|
|
<div class="panel-content">
|
|
<?php fillNav($rootPageURL);?>
|
|
</div>
|
|
</nav>
|
|
|
|
<main>
|
|
<div class="content">
|
|
<form action="#" method="post">
|
|
<div class="form">
|
|
<div class="form-title">Se Connecter</div>
|
|
<div class="status"><?=$status?></div>
|
|
<?php
|
|
textInput("text", "", "username", "Login / Email", "");
|
|
textInput("password", "", "password", "Mot de Passe", "");
|
|
?>
|
|
<button type="submit">Se connecter</button>
|
|
<div>ou</div>
|
|
<a href="register.php" class="button">Créer un compte</a>
|
|
</div>
|
|
</form>
|
|
</div>
|
|
</main>
|
|
<footer>
|
|
<div class="panel-content">
|
|
<?php fillFooter($footerText);?>
|
|
</div>
|
|
</footer>
|
|
</body>
|
|
</html>
|