30 lines
686 B
PHP
30 lines
686 B
PHP
<?php
|
|
|
|
checkPasswordFormat($_POST['password']);
|
|
|
|
checkUsernameFormat($_POST['username']);
|
|
|
|
$username = hashUsername($_POST['username']);
|
|
|
|
if (usernameExists($username) !== true)
|
|
output(403, 'Connexion impossible : ce compte n\'existe pas.');
|
|
|
|
$id = query('select', 'users', ['username' => $username], 'id')[0];
|
|
|
|
if (checkPassword($id, $_POST['password']) !== true)
|
|
output(403, 'Connexion impossible : clé de passe invalide.');
|
|
|
|
if (outdatedPasswordHash($id))
|
|
changePassword($id, $_POST['password']);
|
|
|
|
stopSession();
|
|
startSession();
|
|
|
|
$_SESSION['id'] = $id;
|
|
$_SESSION['type'] = query('select', 'users', ['id' => $id], 'type')[0];
|
|
|
|
setupDisplayUsername($_POST['username']);
|
|
|
|
redir();
|
|
|