site-accueil-insa/admin/index.php

<?php
$page = "index";
include "script.php";
if(isset($_POST['login'])) {
    if (!empty($_POST['pseudo']) and !empty($_POST['password'])) {
        $pseudo = htmlspecialchars($_POST['pseudo']);
        $password = htmlspecialchars($_POST['password']);

        $req = $db->prepare("SELECT id, mdp FROM admin WHERE pseudo = ?");
        $req->execute(array($pseudo));
        $user_exist = $req->rowcount();
        if ($user_exist == 1) {
            while ($user_login = $req->fetch()) {
                $passwd = $user_login['mdp'];
                if ((password_verify($password, $passwd)) == 1) {
                	$_SESSION['id'] = $user_login['id'];
                	header('Refresh:0');
                } else {
                    $error = "Mot de passe invalide !";
                }
            }
        } else {
            $error = "Identifiant invalide !";
        }
    } else {
        $error = "Tout les champs doivent être complétés";
    }
}
?>
<!DOCTYPE html>
<html>
<head>
	<meta charset="utf-8">
	<meta name="viewport" content="width=device-width, initial-scale=1">
	<title>Admin / index</title>
</head>
<body>
    <?php
    if(isset($_SESSION['id'])) {
        echo "Connecté sous l'identifiant : ".$user['pseudo'];
    } else {
    ?>
	<form method="POST">
		<input type="text" placeholder="Identifiant" name="pseudo">
		<input type="password" placeholder="mot de passe" name="password">
		<input type="submit" name="login" value="Se connecter">	
	</form>
	<?php
    }
	if(isset($error)) {
		echo "<font color='red'>".$error."</font>";
	}
	?>
</body>
</html>
admin v1 2022-06-14 23:36:26 +02:00			`<?php`
			`$page = "index";`
			`include "script.php";`
			`if(isset($_POST['login'])) {`
			`if (!empty($_POST['pseudo']) and !empty($_POST['password'])) {`
			`$pseudo = htmlspecialchars($_POST['pseudo']);`
			`$password = htmlspecialchars($_POST['password']);`

			`$req = $db->prepare("SELECT id, mdp FROM admin WHERE pseudo = ?");`
			`$req->execute(array($pseudo));`
			`$user_exist = $req->rowcount();`
			`if ($user_exist == 1) {`
			`while ($user_login = $req->fetch()) {`
			`$passwd = $user_login['mdp'];`
			`if ((password_verify($password, $passwd)) == 1) {`
			`$_SESSION['id'] = $user_login['id'];`
			`header('Refresh:0');`
			`} else {`
			`$error = "Mot de passe invalide !";`
			`}`
			`}`
			`} else {`
			`$error = "Identifiant invalide !";`
			`}`
			`} else {`
			`$error = "Tout les champs doivent être complétés";`
			`}`
			`}`
			`?>`
			`<!DOCTYPE html>`
			`<html>`
			`<head>`
			`<meta charset="utf-8">`
			`<meta name="viewport" content="width=device-width, initial-scale=1">`
			`<title>Admin / index</title>`
			`</head>`
			`<body>`
			`<?php`
			`if(isset($_SESSION['id'])) {`
			`echo "Connecté sous l'identifiant : ".$user['pseudo'];`
			`} else {`
			`?>`
			`<form method="POST">`
			`<input type="text" placeholder="Identifiant" name="pseudo">`
			`<input type="password" placeholder="mot de passe" name="password">`
			`<input type="submit" name="login" value="Se connecter">`
			`</form>`
			`<?php`
			`}`
			`if(isset($error)) {`
			`echo "<font color='red'>".$error."</font>";`
			`}`
			`?>`
			`</body>`
			`</html>`