From 0070f84ea4b526614c6ae007cd2392adc7bc41ee Mon Sep 17 00:00:00 2001
From: Loris BALOCCHI
Date: Mon, 10 Jun 2024 23:23:51 +0200
Subject: [PATCH] =?UTF-8?q?=F0=9F=94=A7=20modification=20du=20login/regist?= =?UTF-8?q?er=20+=20impl=C3=A9mentation=20du=20cookie=20de=20session=20Co-?= =?UTF-8?q?authored-by:=20Charpentier=20Juliette=20?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
account/login/index.php | 4 +-
account/login/login.php | 123 +++++++++++++++++------------
account/profile/index.php | 40 +++++++++-
account/register/index.php | 4 +-
account/register/register.php | 142 ++++++++++++++++++++++++++--------
base.html | 18 ++++-
tools/logout.php | 36 +++++++++
views/footer.php | 24 +++++-
views/header.php | 26 ++++++-
9 files changed, 321 insertions(+), 96 deletions(-)
create mode 100644 tools/logout.php
diff --git a/account/login/index.php b/account/login/index.php
index 1fcb6d0..36a9460 100644
--- account/login/index.php
+++ account/login/index.php
@@ -22,7 +22,7 @@ Avatar -
+
@@ -34,7 +34,7 @@
-
- "; - echo "mot de passe : " . $password . "
"; - /*test loris*/ - $query = "SELECT mail, password FROM user - WHERE mail = '$email'"; - $result = mysqli_query($db, $query); +if (!$result) { + die("Erreur lors de l'exécution de la requête."); +} - if (!$result) { - die("Erreur lors de l'exécution de la requête."); - } +if (!$password) { + die("Combinaison email/mot de passe incorrecte."); +} +if (!$email) { + die("Combinaison email/mot de passe incorrecte."); +} else { + echo "

Connexion réussie

"; - $row = mysqli_fetch_assoc($result); - $storedPassword = $row['password']; + // Requête pour récupérer les informations de l'utilisateur + $query = "SELECT name, family_name, role FROM user WHERE mail = '$email'"; + $result = mysqli_query($db, $query); - if (password_verify($password, $storedPassword)) { - // Authentication successful - // Set the necessary cookies and redirect to /account/profile - // ... - } else { - die("Combinaison email/mot de passe incorrecte."); - } - ?> + if (!$result) { + die('Erreur de requête : ' . mysqli_error($db)); + } - Fatal error: Uncaught mysqli_sql_exception: You have an error in your SQL syntax; check the manual that - corresponds to - your MariaDB server version for the right syntax to use near '@fesse.fr AND password = - $2y$10$whzDnlmJvcSJdXqkr7SoAu5B7gmxJgcVPNT3Nr9oAPMAd...' at line 3 in - C:\Users\Loris\Documents\DEV\gitea\SAE_web\account\login\login.php:28 Stack trace: #0 - C:\Users\Loris\Documents\DEV\gitea\SAE_web\account\login\login.php(28): mysqli_query(Object(mysqli), 'SELECT - mail, - pa...') #1 {main} thrown in C:\Users\Loris\Documents\DEV\gitea\SAE_web\account\login\login.php on line 28 \ No newline at end of file + // Récupération des données + if ($row = mysqli_fetch_assoc($result)) { + $nameFetched = $row['name']; + $familyNameFetched = $row['family_name']; + $roleFetched = $row['role']; + } else { + echo "Aucun utilisateur trouvé avec cet email."; + } + + + $userData = array( + "email" => $email, + "name" => $nameFetched, + "familyName" => $familyNameFetched, + "role" => $roleFetched + ); + + $userDataEncoded = json_encode($userData); + + setcookie("userData", $userDataEncoded, time() + 3600, "/"); + + + if (isset($_COOKIE['userData'])) { + $userDataEncoded = $_COOKIE['userData']; + $userData = json_decode($userDataEncoded, true); // 'true' pour obtenir un tableau associatif + + echo "Email : " . $userData['email'] . "
"; + echo "Prénom : " . $userData['name'] . "
"; + echo "Nom : " . $userData['familyName'] . "
"; + echo "Rôle : " . $userData['role'] . "
"; + } else { + echo "Cookie 'userData' non trouvé."; + } + + + + +} + + +$newURL = "/account/profile"; +header("Location: " . $newURL); +die(); + + +?> \ No newline at end of file diff --git a/account/profile/index.php b/account/profile/index.php index cec9851..8f2e209 100644 --- a/account/profile/index.php +++ b/account/profile/index.php @@ -1,3 +1,26 @@ + + + @@ -11,14 +34,27 @@ - + + Mon profil | Jeux Olympiques - Paris 2024 - +
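Review bot: The added query in account/login/login.php interpolates the posted address straight into SQL (`WHERE mail = '$email'`), so the lookup is injectable and should go through a prepared statement with a bound parameter. In the visible added lines the `password_verify()` call from the removed block has no replacement, the only checks left being `!$password` and `!$email`, so unless a check sits in the part of the file not shown here, knowing an email is enough to log in. The `userData` cookie then carries `role` as plain JSON that the browser can edit; keeping identity in `$_SESSION` (or signing the cookie) closes that, and the reader in account/profile/index.php would have to follow. The debug `echo`s ahead of `header("Location: …")` should be dropped, since output sent first prevents the redirect header unless buffering is on, and `mysqli_error($db)` is better logged than shown to the visitor.

```php
// … unchanged: reading $email / $password from the form, opening $db …
$stmt = mysqli_prepare($db, 'SELECT name, family_name, role, password FROM user WHERE mail = ?');
mysqli_stmt_bind_param($stmt, 's', $email);
mysqli_stmt_execute($stmt);
$row = mysqli_fetch_assoc(mysqli_stmt_get_result($stmt));

// Same message for an unknown email and a wrong password, so the response
// does not reveal which accounts exist.
if (!$row || !password_verify($password, $row['password'])) {
    die("Combinaison email/mot de passe incorrecte.");
}

// Server-side session instead of a client-editable JSON cookie.
session_start();
session_regenerate_id(true);
$_SESSION['user'] = [
    'email' => $email,
    'name' => $row['name'],
    'familyName' => $row['family_name'],
    'role' => $row['role'],
];

header('Location: /account/profile');
die();
```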

Mon profil :

+ Email : " . $userData['email'] . "

"; + echo "

Prénom : " . $userData['name'] . "

"; + echo "

Nom : " . $userData['familyName'] . "

"; + echo "

Rôle : " . $userData['role'] . "

"; + + + ?> + + + diff --git a/account/register/index.php b/account/register/index.php index 106bf69..325d0e3 100644 --- a/account/register/index.php +++ b/account/register/index.php @@ -29,7 +29,7 @@ Avatar

Créer un compte

Créez un nouveau compte afin d'accéder à l'entièreté du site.

-
+
@@ -50,7 +50,7 @@
- +