balocchi/SAE_web
1
2
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
af3d102605
SAE_web/account/login/login.php
Loris BALOCCHI af3d102605 fix: update login/register links in login page 
The login page has been updated to fix the broken links for creating a new account and logging in. The links now correctly point to the register and login pages in the account directory.

Co-authored-by: Charpentier Juliette <juliette.charpentier1@etu.u-pec.fr>
2024-06-10 16:24:30 +02:00

72 lines
2.5 KiB
PHP
Raw Blame History

<?php
require_once ($_SERVER['DOCUMENT_ROOT'] . '/tools/dbConnect.php');
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$email = htmlspecialchars($_POST["email"]);
$password = htmlspecialchars($_POST["password"]);
}
?>
<?php
/*
if (isset($_COOKIE["savemdp"])) {
$savemdp = $_COOKIE["savemdp"];
} else {
$savemdp = null;
setcookie("savemdp", $savemdp, time() + 3600);
}*/
?>
/*
hasher le mdp
- check la validité du combo mail + mdp (qui es thashé sur la bdd)
- si valide, on enregistre un cookie avec mail, nom, prénom, rôle (requete sql pour les obtenir)
- créer un cookie avec mail, nom, prénom, rôle. Qui expire dans 1h
une fois bien connecté, on redirige vers /account/profile
*/
<html>
<head>
<meta charset="UTF-8" />
</head>
<body container>
<form method="POST" action="https://but.lbalocchi.fr/account/login">
<?php
$hashedPassword = password_hash($password, PASSWORD_DEFAULT);
$resultat = mysqli_query($db, "SELECT mail, password
FROM user
WHERE mail = $email AND password = $hashedPassword");
echo "adresse mail : " . $email . "<br>";
echo "mot de passe : " . $password . "<br>";
/*test loris*/
$query = "SELECT mail, password FROM user
WHERE mail = '$email'";
$result = mysqli_query($db, $query);
if (!$result) {
die("Erreur lors de l'exécution de la requête.");
}
$row = mysqli_fetch_assoc($result);
$storedPassword = $row['password'];
if (password_verify($password, $storedPassword)) {
// Authentication successful
// Set the necessary cookies and redirect to /account/profile
// ...
} else {
die("Combinaison email/mot de passe incorrecte.");
}
?>
Fatal error: Uncaught mysqli_sql_exception: You have an error in your SQL syntax; check the manual that
corresponds to
your MariaDB server version for the right syntax to use near '@fesse.fr AND password =
$2y$10$whzDnlmJvcSJdXqkr7SoAu5B7gmxJgcVPNT3Nr9oAPMAd...' at line 3 in
C:\Users\Loris\Documents\DEV\gitea\SAE_web\account\login\login.php:28 Stack trace: #0
C:\Users\Loris\Documents\DEV\gitea\SAE_web\account\login\login.php(28): mysqli_query(Object(mysqli), 'SELECT
mail,
pa...') #1 {main} thrown in C:\Users\Loris\Documents\DEV\gitea\SAE_web\account\login\login.php on line 28
Reference in New Issue View Git Blame Copy Permalink