diff --git a/php/connexion.php b/php/connexion.php index 83e2a3f..8b58a7f 100644 --- a/php/connexion.php +++ b/php/connexion.php @@ -1,37 +1,73 @@ "; +require_once 'common.php'; +session_start(); +if (!empty($_REQUEST['login']) && !empty($_REQUEST['password'])) { + $db = initDatabase(); + $login = $_POST['login']; + $password = $_POST['password']; + + + $result=mysqli_query($db,"SELECT * FROM user WHERE login = '$login' "); + + if (mysqli_num_rows($result) > 0) { + + $row = mysqli_fetch_assoc($result); + $hash = $row['mdp']; + + + if (password_verify($password, $hash)) { + if ($login) { + $_SESSION['login'] = $login; + header('Location: ../index.html'); + exit(); + } + + + } else { + echo "Échec de la connexion : couple login/mot de passe invalide."; + } + } else { + echo "Échec de la connexion : login invalide."; +} + + } // Récupération des données du formulaire -$login = $_POST['login']; -$password = $_POST['password']; -$result=mysqli_query($db,"SELECT * FROM user WHERE login = '$login' "); +?> -if (mysqli_num_rows($result) > 0) { - $row = mysqli_fetch_assoc($result); - $hash = $row['mdp']; - + + + + + Page de Connexion + + - if (password_verify($password, $hash)) { - echo "Connexion réussie au mdp !"; +
+ +
+ +
- } else { - echo "Échec de la connexion : couple login/mot de passe invalide."; - } -} else { - echo "Échec de la connexion : login invalide."; -} +

Connexion

-mysqli_close($db); +
+
+
+
+
+ + +
-?> \ No newline at end of file + + \ No newline at end of file