fix: update login/register links in login page
The login page has been updated to fix the broken links for creating a new account and logging in. The links now correctly point to the register and login pages in the account directory. Co-authored-by: Charpentier Juliette <juliette.charpentier1@etu.u-pec.fr>
This commit is contained in:
parent
e9e2e68bcf
commit
af3d102605
@ -37,7 +37,7 @@
|
|||||||
<button type="submit" class="submit-button" action="../../tools"><i class="fas fa-sign-in-alt"></i>
|
<button type="submit" class="submit-button" action="../../tools"><i class="fas fa-sign-in-alt"></i>
|
||||||
Connexion</i></button>
|
Connexion</i></button>
|
||||||
</form>
|
</form>
|
||||||
<p class="no-account">Vous n'avez pas de compte ? <a href="../register">Créez un compte pour commencer
|
<p class="no-account">Vous n'avez pas de compte ? <a href="../account/register">Créez un compte pour commencer
|
||||||
!</a></p>
|
!</a></p>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
@ -5,14 +5,68 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
|||||||
$email = htmlspecialchars($_POST["email"]);
|
$email = htmlspecialchars($_POST["email"]);
|
||||||
$password = htmlspecialchars($_POST["password"]);
|
$password = htmlspecialchars($_POST["password"]);
|
||||||
}
|
}
|
||||||
/*- check la validité du combo mail + mdp (qui es thashé sur la bdd)*/
|
?>
|
||||||
/*- si valide, on enregistre un cookie avec mail, nom, prénom, rôle (requete sql pour les obtenir)*/
|
|
||||||
/*- créer un cookie avec mail, nom, prénom, rôle. Qui expire dans 1h*/
|
|
||||||
/* une fois bien connecté, on redirige vers /account/profile */
|
|
||||||
|
|
||||||
|
|
||||||
|
<?php
|
||||||
|
/*
|
||||||
|
if (isset($_COOKIE["savemdp"])) {
|
||||||
|
$savemdp = $_COOKIE["savemdp"];
|
||||||
|
} else {
|
||||||
|
$savemdp = null;
|
||||||
|
|
||||||
|
setcookie("savemdp", $savemdp, time() + 3600);
|
||||||
|
}*/
|
||||||
|
?>
|
||||||
|
|
||||||
|
/*
|
||||||
|
hasher le mdp
|
||||||
|
- check la validité du combo mail + mdp (qui es thashé sur la bdd)
|
||||||
|
- si valide, on enregistre un cookie avec mail, nom, prénom, rôle (requete sql pour les obtenir)
|
||||||
|
- créer un cookie avec mail, nom, prénom, rôle. Qui expire dans 1h
|
||||||
|
une fois bien connecté, on redirige vers /account/profile
|
||||||
|
*/
|
||||||
|
<html>
|
||||||
|
|
||||||
|
<head>
|
||||||
|
<meta charset="UTF-8" />
|
||||||
|
</head>
|
||||||
|
|
||||||
|
<body container>
|
||||||
|
<form method="POST" action="https://but.lbalocchi.fr/account/login">
|
||||||
|
<?php
|
||||||
|
$hashedPassword = password_hash($password, PASSWORD_DEFAULT);
|
||||||
|
$resultat = mysqli_query($db, "SELECT mail, password
|
||||||
|
FROM user
|
||||||
|
WHERE mail = $email AND password = $hashedPassword");
|
||||||
echo "adresse mail : " . $email . "<br>";
|
echo "adresse mail : " . $email . "<br>";
|
||||||
echo "mot de passe : " . $password . "<br>";
|
echo "mot de passe : " . $password . "<br>";
|
||||||
|
/*test loris*/
|
||||||
|
$query = "SELECT mail, password FROM user
|
||||||
|
WHERE mail = '$email'";
|
||||||
|
$result = mysqli_query($db, $query);
|
||||||
|
|
||||||
|
if (!$result) {
|
||||||
|
die("Erreur lors de l'exécution de la requête.");
|
||||||
|
}
|
||||||
|
|
||||||
|
$row = mysqli_fetch_assoc($result);
|
||||||
|
$storedPassword = $row['password'];
|
||||||
|
|
||||||
|
if (password_verify($password, $storedPassword)) {
|
||||||
|
// Authentication successful
|
||||||
|
// Set the necessary cookies and redirect to /account/profile
|
||||||
|
// ...
|
||||||
|
} else {
|
||||||
|
die("Combinaison email/mot de passe incorrecte.");
|
||||||
|
}
|
||||||
?>
|
?>
|
||||||
|
|
||||||
|
Fatal error: Uncaught mysqli_sql_exception: You have an error in your SQL syntax; check the manual that
|
||||||
|
corresponds to
|
||||||
|
your MariaDB server version for the right syntax to use near '@fesse.fr AND password =
|
||||||
|
$2y$10$whzDnlmJvcSJdXqkr7SoAu5B7gmxJgcVPNT3Nr9oAPMAd...' at line 3 in
|
||||||
|
C:\Users\Loris\Documents\DEV\gitea\SAE_web\account\login\login.php:28 Stack trace: #0
|
||||||
|
C:\Users\Loris\Documents\DEV\gitea\SAE_web\account\login\login.php(28): mysqli_query(Object(mysqli), 'SELECT
|
||||||
|
mail,
|
||||||
|
pa...') #1 {main} thrown in C:\Users\Loris\Documents\DEV\gitea\SAE_web\account\login\login.php on line 28
|
@ -31,32 +31,33 @@
|
|||||||
<p>Créez un nouveau compte afin d'accéder à l'entièreté du site.</p>
|
<p>Créez un nouveau compte afin d'accéder à l'entièreté du site.</p>
|
||||||
<form>
|
<form>
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<label for="name">Prénom</label>
|
<label for="name"><span style="color:red;"><abbr title="Requis">*</abbr></span> Prénom</label>
|
||||||
<input type="text" id="name" name="name" placeholder="Jean" required placeholder=" ">
|
<input type="text" id="name" name="name" placeholder="Jean" required placeholder=" ">
|
||||||
</div>
|
</div>
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<label for="family-name">Adresse mail</label>
|
<label for="family-name"><span style="color:red;"><abbr title="Requis">*</abbr></span> Nom</label>
|
||||||
<input type="text" id="family-name" name="family-name" placeholder="DUPONT" required placeholder=" ">
|
<input type="text" id="family-name" name="family-name" placeholder="DUPONT" required placeholder=" ">
|
||||||
</div>
|
</div>
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<label for="email">Adresse mail</label>
|
<label for="email"><span style="color:red;"><abbr title="Requis">*</abbr></span> Adresse mail</label>
|
||||||
<input type="email" id="email" name="email" placeholder="username@example.com" required placeholder=" ">
|
<input type="email" id="email" name="email" placeholder="username@example.com" required placeholder=" ">
|
||||||
</div>
|
</div>
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<label for="password">Mot de passe</label>
|
<label for="password"><span style="color:red;"><abbr title="Requis">*</abbr></span> Mot de passe</label>
|
||||||
<input type="password" id="password" name="password" required placeholder="••••••••" placeholder=" ">
|
<input type="password" id="password" name="password" required placeholder="••••••••" placeholder=" ">
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<label for="password">Confirmation du mot de passe</label>
|
<label for="code-role">Code rôle :</label>
|
||||||
<input type="password" id="password-bis" name="password-bis" required placeholder="••••••••"
|
<input type="text" id="code-role" name="code-role" placeholder="M25QP" placeholder=" ">
|
||||||
placeholder=" ">
|
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
<button type="submit" class="submit-button"><i class="fas fa-sign-in-alt"></i>
|
||||||
<button type="submit" class="submit-button" onclick="verifMDP()"><i class="fas fa-sign-in-alt"></i>
|
|
||||||
Créer un compte</i></button>
|
Créer un compte</i></button>
|
||||||
</form>
|
</form>
|
||||||
<p class="no-account">Vous avez déjà un compte ? <a href="../login">Connectez-vous !</a></p>
|
<p class="no-account">Vous avez déjà un compte ? <a href="../account/login">Connectez-vous !</a></p>
|
||||||
|
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<?php include ($_SERVER['DOCUMENT_ROOT'] . '/views/footer.php') ?>
|
<?php include ($_SERVER['DOCUMENT_ROOT'] . '/views/footer.php') ?>
|
||||||
|
47
account/register/register.php
Normal file
47
account/register/register.php
Normal file
@ -0,0 +1,47 @@
|
|||||||
|
<?php
|
||||||
|
require_once ($_SERVER['DOCUMENT_ROOT'] . '/tools/dbConnect.php');
|
||||||
|
/*
|
||||||
|
- prénom, nom, mail, mdp, code rôle
|
||||||
|
- vérifier que le mail n'existe pas déjà
|
||||||
|
- vérifier que le code rôle est correct, et affecter le rôle correspondant
|
||||||
|
- hasher le mdp
|
||||||
|
- enregistrer le nouvel utilisateur dans la bdd
|
||||||
|
- créer un cookie avec mail, nom, prénom, rôle. Qui expire dans 1h
|
||||||
|
*/
|
||||||
|
|
||||||
|
if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
||||||
|
$name = htmlspecialchars($_POST["name"]);
|
||||||
|
$familyName = htmlspecialchars($_POST["family-name"]);
|
||||||
|
$email = htmlspecialchars($_POST["email"]);
|
||||||
|
$password = htmlspecialchars($_POST["password"]);
|
||||||
|
$codeRole = htmlspecialchars($_POST["code-role"]);
|
||||||
|
}
|
||||||
|
|
||||||
|
$hashedPassword = password_hash($password, PASSWORD_DEFAULT);
|
||||||
|
|
||||||
|
$query = "SELECT mail FROM user WHERE mail = '$email'";
|
||||||
|
$result = mysqli_query($db, $query);
|
||||||
|
|
||||||
|
if (!$result) {
|
||||||
|
die("Erreur lors de l'exécution de la requête.");
|
||||||
|
}
|
||||||
|
|
||||||
|
$row = mysqli_fetch_assoc($result);
|
||||||
|
|
||||||
|
if ($row) {
|
||||||
|
die("Un utilisateur avec cette adresse mail existe déjà.");
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($codeRole == "M25QP") {
|
||||||
|
$role = "admin";
|
||||||
|
} else if ($codeRole == "TF53K") {
|
||||||
|
$role = "sportif";
|
||||||
|
} else if ($codeRole == "VJC6V") {
|
||||||
|
$role = "organisateur";
|
||||||
|
} else {
|
||||||
|
$role = "member";
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
?>
|
Loading…
Reference in New Issue
Block a user