servnest/auth/login.php

<?php require "../top.inc.php"; ?>

    <form method="post">
      <label for="username">Identifiant</label><br>
      <input required="" minlength="4" maxlength="32" pattern="<?= $usernamePattern ?>" id="username" name="username" type="text" placeholder="proudhon"><br>

      <label for="password">Mot de passe</label><br>
      <input required="" minlength="10" maxlength="1024" pattern="<?= $passwordPattern ?>" id="password" name="password" type="password" placeholder="************"><br>

      <input type="submit">
    </form>

    <?php

    if (isset($_POST['username']) AND isset($_POST['password'])) {

      $username[0] = $_POST['username'];

      $db = new PDO('sqlite:' . $dbPath);

      $req = $db->prepare('SELECT username, password FROM users WHERE username = ?');
      $req->execute($username);

      $goodPassword = $req->fetch()['password'];

      if (password_verify($_POST['password'], $goodPassword)) {
        $_SESSION['username'] = $_POST['username'];
        header('Location: ../index.php');
      } else {
        echo "<br>Connexion impossible : paire identifiant/mot de passe invalide";
      }


      echo "<br>Formulaire traité !";
    } else {
      echo "<br>Rien n'a été reçu lors du dernier chargement";
    }

    ?>

<?php require "../bottom.inc.php"; ?>
Initial commit 2021-01-22 21:58:46 +01:00			`<?php require "../top.inc.php"; ?>`

2 2021-01-23 17:26:46 +01:00			`<form method="post">`
Initial commit 2021-01-22 21:58:46 +01:00			`<label for="username">Identifiant</label><br>`
2 2021-01-23 17:26:46 +01:00			`<input required="" minlength="4" maxlength="32" pattern="<?= $usernamePattern ?>" id="username" name="username" type="text" placeholder="proudhon"><br>`
Initial commit 2021-01-22 21:58:46 +01:00
			`<label for="password">Mot de passe</label><br>`
2 2021-01-23 17:26:46 +01:00			`<input required="" minlength="10" maxlength="1024" pattern="<?= $passwordPattern ?>" id="password" name="password" type="password" placeholder="************"><br>`
Initial commit 2021-01-22 21:58:46 +01:00
2 2021-01-23 17:26:46 +01:00			`<input type="submit">`
Initial commit 2021-01-22 21:58:46 +01:00			`</form>`

			`<?php`

			`if (isset($_POST['username']) AND isset($_POST['password'])) {`

			`$username[0] = $_POST['username'];`

			`$db = new PDO('sqlite:' . $dbPath);`

			`$req = $db->prepare('SELECT username, password FROM users WHERE username = ?');`
			`$req->execute($username);`

			`$goodPassword = $req->fetch()['password'];`

			`if (password_verify($_POST['password'], $goodPassword)) {`
			`$_SESSION['username'] = $_POST['username'];`
			`header('Location: ../index.php');`
			`} else {`
			`echo "<br>Connexion impossible : paire identifiant/mot de passe invalide";`
			`}`




			`echo "<br>Formulaire traité !";`
			`} else {`
			`echo "<br>Rien n'a été reçu lors du dernier chargement";`
			`}`

			`?>`

			`<?php require "../bottom.inc.php"; ?>`