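/**
 * Smart Restaurant
 *
 * An open source application to manage restaurants
 *
 * @package SmartRestaurant
 * @author Gjergj Sheldija
 * @copyright Copyright (c) 2008-2012, Gjergj Sheldija
 * @license http://www.gnu.org/licenses/gpl.txt
 * @since Version 1.0
 * @filesource
 *
 * Smart Restaurant is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, version 3 of the License.
 *
 * Smart Restaurant is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 * You should have received a copy of the GNU General Public License
 * along with this program. If not, see <http://www.gnu.org/licenses/>.
 *
 */

/**
 * Redirects the visitor to the installer and ends the request.
 *
 * Sends a Location header first, then prints a small page built from
 * common_header(), redirectJS() and common_bottom() (all defined elsewhere;
 * redirectJS() presumably emits a script-based redirect -- confirm).
 * Nothing runs after this function: it always exits.
 *
 * @param string $title   Title handed to common_header().
 * @param string $message Text printed in the page body.
 * @return void This function never returns.
 */
function check_db_status_send_to_installer($title, $message)
{
    $url = ROOTDIR . '/install/install.php';
    header('Location: ' . $url);

    $error_msg = common_header($title);
    $error_msg .= redirectJS($url);
    $error_msg .= $message;
    $error_msg .= common_bottom();
    echo $error_msg;
    exit;
}

/**
 * Checks that the configured database can be selected and contains tables.
 *
 * Three checks run in order: the `USE` statement succeeds, `SHOW TABLES`
 * succeeds, and the table list is not empty. The first failing check sends
 * the visitor to ROOTDIR/install/install.php and stops the request.
 *
 * NOTE(review): every visitor is sent to the installer whenever one of these
 * checks fails, so install.php should refuse to run (or be removed) once the
 * application has been set up -- this cannot be confirmed from this file.
 *
 * @return void Returns normally only when all three checks pass.
 */
function check_db_status()
{
    // The database name is placed inside a backtick-quoted identifier, where
    // placeholders cannot be used. Doubling any backtick in the value keeps it
    // a single identifier instead of letting it close the quoting early.
    $db_name = isset($_SESSION['common_db']) ? (string) $_SESSION['common_db'] : '';
    $query = 'USE `' . str_replace('`', '``', $db_name) . '`';
    $res = common_query($query, __FILE__, __LINE__, true);
    if (!$res) {
        check_db_status_send_to_installer(
            'Database not found',
            'DB not found. Going to installation page.'
        );
    }

    $query = "SHOW TABLES";
    $tableslist = common_query($query, __FILE__, __LINE__, true);
    // this is unlikely to happen
    if (!$tableslist) {
        check_db_status_send_to_installer(
            'Database tables not found',
            'No table found on the database. Going to installation page.'
        );
    }

    // NOTE(review): mysql_num_rows() belongs to the ext/mysql API, which was
    // removed in PHP 7. It is kept because the type returned by common_query()
    // is not visible here.
    $numtables = mysql_num_rows($tableslist);
    if (!$numtables) {
        // The original message contains a line break after the first
        // sentence; it is kept so the emitted text stays the same.
        check_db_status_send_to_installer(
            'Database tables not found',
            'No table found on the database. ' . "\n" . 'Going to installation page.'
        );
    }
}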
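// Login handler, run only when a form was posted. $email, $password,
// $remember_me, $expiration, $db and $errors are set outside this excerpt,
// and the `end` label targeted by goto is also defined elsewhere.
if (!empty($_POST)) {
    if (!empty($email) && !empty($password)) {
        // The e-mail is bound as a parameter, so it never becomes part of the SQL text.
        $query = $db->prepare('SELECT * FROM users WHERE email = :email');
        $query->bindValue('email', $email);
        $query->execute();
        $user = $query->fetch();

        if (!empty($user)) {
            // Stored hash is read from the `pass` column of the fetched row.
            $crypted_password = $user['pass'];
            if (password_verify($password, $crypted_password)) {
                // Issue a fresh session id before the session is marked as
                // authenticated, so an id known before login (session
                // fixation) is not carried over. This needs an active session
                // and must run before any output is sent.
                if (session_status() === PHP_SESSION_ACTIVE) {
                    session_regenerate_id(true);
                }

                if (!empty($remember_me)) {
                    setRememberMe($user['id'], $expiration);
                }

                $_SESSION['user_id'] = $user['id'];
                $_SESSION['firstname'] = $user['firstname'];

                echo '<div class="alert alert-success" role="success">Authentification réussie</div>';
                echo redirectJS('index.php', 2);
                goto end;
            }
        }
    }

    // Reached for every posted form that did not log in: empty fields, unknown
    // e-mail and wrong password all get the same message, which avoids telling
    // the client which accounts exist.
    // NOTE(review): password_verify() only runs when a row was found, so the
    // response time may still differ between known and unknown addresses.
    $errors['authent'] = 'Identifiants incorrects';
}
// The error list opened below is rendered by code past the end of this excerpt.
?> <h1>Connexion</h1> <?php if (!empty($errors)) { ?> <div class="alert alert-danger" role="danger"> <?php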
// Registration: stores the new account. This excerpt starts inside blocks
// opened earlier in the file, so the conditions guarding it are not visible.
// All values reach the statement through named placeholders, so none of them
// is concatenated into the SQL text.
$query = $db->prepare('INSERT INTO users (lastname, firstname, email, password, newsletter, register_date) VALUES (:lastname, :firstname, :email, :password, :newsletter, NOW())');
$query->bindValue('lastname', $lastname);
$query->bindValue('firstname', $firstname);
$query->bindValue('email', $email);
// NOTE(review): $crypted_password is computed outside this excerpt; confirm
// that it is the output of password_hash() and never the raw password.
$query->bindValue('password', $crypted_password);
// The newsletter flag is bound explicitly as an integer.
$query->bindValue('newsletter', $newsletter, PDO::PARAM_INT);
$query->execute();

// An empty insert id is treated as a failed registration.
$user_id = $db->lastInsertId();
if (empty($user_id)) {
    echo '<div class="alert alert-danger" role="danger">Une erreur est survenue</div>';
} else {
    // The new user is logged in directly by writing the identity to the session.
    // NOTE(review): the session id is not regenerated before these writes;
    // consider session_regenerate_id(true) here to rule out session fixation.
    $_SESSION['user_id'] = $user_id;
    $_SESSION['firstname'] = $firstname;
    $_SESSION['lastname'] = $lastname;
    echo '<div class="alert alert-success" role="success">Authentification réussie</div>';
    // NOTE(review): the origin of $back_link is not visible here. If it can
    // come from the request, restrict it to local paths before it is handed
    // to redirectJS().
    echo redirectJS($back_link, 2);
}
// Jumps to the `end` label, which is defined outside this excerpt.
goto end;
} // closes a block opened before this excerpt
} // closes a block opened before this excerpt
} // closes a block opened before this excerpt
// The error list opened below is rendered by code past the end of this excerpt.
?> <h1>Inscription</h1> <?php if (!empty($errors)) { ?> <div class="alert alert-danger" role="danger"> <?php foreach ($errors as $error) {