30){
$error = "Nom d'utilisateur trop long";
} else {
$stmt = $pdo->query("SELECT * FROM utilisateurs WHERE username = '" . $username . "' AND password = '" . md5($password) . "'");
if ($stmt->rowCount() > 0) {
$_SESSION['password'] = $password;
$_SESSION['username'] = $username;
foreach($stmt as $user) {
foreach ($user as $key => $value) {
$_SESSION['userdata'][$key] = $value;
}
}
$iv = hex2bin($_SESSION['userdata']['iv']);
$usercaschiffre = base64_decode($_SESSION['userdata']['usercas']);
$passcaschiffre = base64_decode($_SESSION['userdata']['passcas']);
if (isset($iv) && isset($usercaschiffre) && isset($passcaschiffre)) {
$_SESSION['usercas'] = openssl_decrypt($usercaschiffre, 'aes-256-cbc', $password, 0, $iv);
$_SESSION['passcas'] = openssl_decrypt($passcaschiffre, 'aes-256-cbc', $password, 0, $iv);
} else {
$_SESSION['usercas'] = "";
$_SESSION['passcas'] = "";
}
$now = getdate();
$log = "C => " . sprintf("%02d", $now['mday']) . "/" . sprintf("%02d", $now['mon']) . "/" . $now['year'] . " " . sprintf("%02d", $now['hours']) . ":" . sprintf("%02d", $now['minutes']) . ":" . sprintf("%02d", $now['seconds']) . " -> " . $username . " s'est connecté depuis " . $_SERVER['REMOTE_ADDR'] . " avec la session : " . session_id() . "\n";
addlog($log, $log_dir);
$pdo = null;
if (isset($_GET["page"])) {
header("Location: " . $_GET["page"]);
exit();
} else {
header("Location: index.php");
exit();
}
} else {
$now = getdate();
$log_data = "F => " . sprintf("%02d", $now['mday']) . "/" . sprintf("%02d", $now['mon']) . "/" . $now['year'] . " " . sprintf("%02d", $now['hours']) . ":" . sprintf("%02d", $now['minutes']) . ":" . sprintf("%02d", $now['seconds']) . " -> " . $username . " a essayé de se connecter depuis " . $_SERVER['REMOTE_ADDR'] . " mauvais mot de passe\n";
addlog($log_data, $log_dir);
$error = "Nom d'utilisateur ou mot de passe incorrect";
}
}
}
?>
<?php echo $title?>
Connexion
Vous n'avez pas encore de compte ? Créer un compte