SaeDEV2.2/php/connexion.php

<?php

// Informations de connexion à la base de données
require_once 'common.php';
session_start();
if (!empty($_REQUEST['login']) && !empty($_REQUEST['password'])) {
    $db = initDatabase();
    $login = $_POST['login'];
    $password = $_POST['password'];


    $result=mysqli_query($db,"SELECT * FROM user WHERE login = '$login' ");

    if (mysqli_num_rows($result) > 0) {

        $row = mysqli_fetch_assoc($result);
        $hash = $row['mdp'];
    

        if (password_verify($password, $hash)) {
            if ($login) {
                $_SESSION['login'] = $login;
                header('Location: ../index.html');
                exit();
    }

        
        } else {
            echo "Échec de la connexion : couple login/mot de passe invalide.";
        }
    } else {
        echo "Échec de la connexion : login invalide.";
}

    
}

// Récupération des données du formulaire


?>


<html lang="en">
<head>
    <meta charset="utf-8">
    <link rel="stylesheet" href="../css/style.css">
    <title>Page de Connexion</title>
</head>
<body>

    <div id="content_cours">

        <header>
            <nav>
                <a href="../index.html">Page d'accueil</a>
            </nav>
        </header>   

        
<h2>Connexion</h2>

<form action="" method="post">
    <label for="login">Login :</label><br>
    <input type="text" id="login" name="login" value="<?php if (isset($_REQUEST['login'])) { echo $_REQUEST['login']; } ?>"><br>
    <label for="password">Mot de passe :</label><br>
    <input type="password" id="password" name="password" value="<?php if (isset($_REQUEST['login'])) { echo $_REQUEST['login']; } ?>"><br>
    
    <input type="submit" value="Se connecter">
</form>

</body>
</html>