Ajout de webhooks pour le login/register/newEvent.
Ajout des pages pour gestion globale des évènements. Co-authored-by: Charpentier Juliette <juliette.charpentier@etu.u-pec.fr>
This commit is contained in:
@@ -1,93 +1,59 @@
|
||||
<?php
|
||||
require_once ($_SERVER['DOCUMENT_ROOT'] . '/tools/dbConnect.php');
|
||||
|
||||
if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
||||
$email = htmlspecialchars($_POST["email"]);
|
||||
$password = htmlspecialchars($_POST["password"]);
|
||||
}
|
||||
|
||||
/*
|
||||
hasher le mdp
|
||||
- check la validité du combo mail + mdp (qui es thashé sur la bdd)
|
||||
- si valide, on enregistre un cookie avec mail, nom, prénom, rôle (requete sql pour les obtenir)
|
||||
- créer un cookie avec mail, nom, prénom, rôle. Qui expire dans 1h
|
||||
une fois bien connecté, on redirige vers /account/profile
|
||||
*/
|
||||
?>
|
||||
<?php
|
||||
if (isset($_COOKIE['userData'])) {
|
||||
header("Location: /account/profile");
|
||||
}
|
||||
$hashedPassword = sha1($password);
|
||||
$resultat = mysqli_query($db, "SELECT *
|
||||
FROM user
|
||||
WHERE mail = '$email' AND password = '$hashedPassword'");
|
||||
$stmt = mysqli_prepare($db, "SELECT * FROM user WHERE mail = ? AND password = ?");
|
||||
mysqli_stmt_bind_param($stmt, 'ss', $email, $hashedPassword);
|
||||
$result = mysqli_stmt_execute($stmt);
|
||||
$result = $stmt->get_result();
|
||||
|
||||
$query = "SELECT mail, password
|
||||
FROM user
|
||||
WHERE mail = '$email'";
|
||||
$result = mysqli_query($db, $query);
|
||||
|
||||
if (!$result) {
|
||||
die("Erreur lors de l'exécution de la requête.");
|
||||
}
|
||||
|
||||
if (!$password) {
|
||||
die("Combinaison email/mot de passe incorrecte.");
|
||||
}
|
||||
if (!$email) {
|
||||
die("Combinaison email/mot de passe incorrecte.");
|
||||
die('Erreur de requête : ' . mysqli_error($db));
|
||||
} else {
|
||||
echo "<p>Connexion réussie</p>";
|
||||
|
||||
// Requête pour récupérer les informations de l'utilisateur
|
||||
$query = "SELECT name, family_name, role FROM user WHERE mail = '$email'";
|
||||
$result = mysqli_query($db, $query);
|
||||
|
||||
if (!$result) {
|
||||
die('Erreur de requête : ' . mysqli_error($db));
|
||||
}
|
||||
|
||||
// Récupération des données
|
||||
if ($row = mysqli_fetch_assoc($result)) {
|
||||
$nameFetched = $row['name'];
|
||||
$familyNameFetched = $row['family_name'];
|
||||
$roleFetched = $row['role'];
|
||||
if (mysqli_num_rows($result) == 0) {
|
||||
header("Location: /account/login?res=login-failed");
|
||||
die();
|
||||
} else {
|
||||
echo "Aucun utilisateur trouvé avec cet email.";
|
||||
// Requête pour récupérer les informations de l'utilisateur
|
||||
$query = "SELECT name, family_name, role FROM user WHERE mail = '$email'";
|
||||
$result = mysqli_query($db, $query);
|
||||
|
||||
if (!$result) {
|
||||
die('Erreur de requête : ' . mysqli_error($db));
|
||||
}
|
||||
|
||||
// Récupération des données
|
||||
if ($row = mysqli_fetch_assoc($result)) {
|
||||
$nameFetched = $row['name'];
|
||||
$familyNameFetched = $row['family_name'];
|
||||
$roleFetched = $row['role'];
|
||||
} else {
|
||||
echo "Aucun utilisateur trouvé avec cet email.";
|
||||
}
|
||||
// Mise en forme dans un format .JSON et création du cookie.
|
||||
$userData = array(
|
||||
"email" => $email,
|
||||
"name" => $nameFetched,
|
||||
"familyName" => $familyNameFetched,
|
||||
"role" => $roleFetched
|
||||
);
|
||||
$userDataEncoded = json_encode($userData);
|
||||
setcookie("userData", $userDataEncoded, time() + 3600, "/");
|
||||
|
||||
// Utilistation d'un Webhook Discord pour notifier l'administrateur de la
|
||||
//connexion des utilisateurs [fork de : https://stackoverflow.com/a/73547248]
|
||||
|
||||
include ($_SERVER['DOCUMENT_ROOT'] . '/views/discordWebhookLogin.php');
|
||||
|
||||
header("Location: /?res=login-succeeded");
|
||||
die();
|
||||
}
|
||||
|
||||
|
||||
$userData = array(
|
||||
"email" => $email,
|
||||
"name" => $nameFetched,
|
||||
"familyName" => $familyNameFetched,
|
||||
"role" => $roleFetched
|
||||
);
|
||||
|
||||
$userDataEncoded = json_encode($userData);
|
||||
|
||||
setcookie("userData", $userDataEncoded, time() + 3600, "/");
|
||||
|
||||
|
||||
if (isset($_COOKIE['userData'])) {
|
||||
$userDataEncoded = $_COOKIE['userData'];
|
||||
$userData = json_decode($userDataEncoded, true); // 'true' pour obtenir un tableau associatif
|
||||
|
||||
echo "Email : " . $userData['email'] . "<br>";
|
||||
echo "Prénom : " . $userData['name'] . "<br>";
|
||||
echo "Nom : " . $userData['familyName'] . "<br>";
|
||||
echo "Rôle : " . $userData['role'] . "<br>";
|
||||
} else {
|
||||
echo "Cookie 'userData' non trouvé.";
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
}
|
||||
|
||||
|
||||
$newURL = "/";
|
||||
header("Location: " . $newURL);
|
||||
die();
|
||||
|
||||
|
||||
?>
|
||||
Reference in New Issue
Block a user