Beispiel #1
<?php

if (App::isLogged()) {
    $member = Member::getMemberById($_SESSION['id']);
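    // Account deletion: the member must type the current password twice, and it is
    // then verified against the stored hash before the row is removed.
    // NOTE(review): no anti-CSRF token check is visible in this branch; the password
    // re-entry limits forged requests, but confirm a token is validated upstream.
    if (isset($_POST['delete'])) {
        // Both fields must be present and be plain strings (a client can send arrays,
        // e.g. password[]=x). Strict === is used because loose == treats numeric-looking
        // strings such as "1e3" and "1000" as equal.
        $fieldsPresent = isset($_POST['password'], $_POST['password-confirm'])
            && is_string($_POST['password'])
            && is_string($_POST['password-confirm']);
        if ($fieldsPresent && $_POST['password'] === $_POST['password-confirm']) {
            if (Bcrypt::checkPassword($_POST['password'], $member->password)) {
                Member::deleteMember($member->id);
                session_unset();
                // session_unset() only empties $_SESSION; issuing a new id and dropping the
                // old one means the identifier used by the deleted account stops working.
                // The session itself stays open, so $msg can still write to it.
                if (session_id() !== '') {
                    session_regenerate_id(true);
                }
                $msg->success('Votre compte à bien été supprimé', 'index.php?page=home');
            } else {
                echo $msg->error('Le mot de passe entré est incorrect, veuillez réessayer', 'index.php?page=profile');
            }
        } else {
            echo $msg->error('Les deux mots de passe ne correspondent pas', 'index.php?page=profile');
        }
    }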
    if (isset($_POST['edit'])) {
        if (isset($_POST['first_name']) && $_POST['first_name'] != "" && preg_match("#^[a-zA-Z._-]{2,32}#", $_POST['first_name']) && isset($_POST['last_name']) && $_POST['last_name'] != "" && preg_match("#^[a-zA-Z._-]{2,32}#", $_POST['last_name']) && isset($_POST['email']) && $_POST['email'] != "" && preg_match("#^[a-z0-9._-]+@[a-z0-9._-]{2,}\\.[a-z]{2,4}\$#", $_POST['email']) && isset($_POST['password']) && $_POST['password'] != "" && isset($_POST['password-confirm']) && $_POST['password-confirm'] == $_POST['password'] && isset($_POST['way_num']) && $_POST['way_num'] != "" && preg_match("#^[0-9]{1,}\$#", $_POST['way_num']) && isset($_POST['way_type']) && $_POST['way_type'] != "" && isset($_POST['way_name']) && $_POST['way_name'] != "" && preg_match("#^[a-zA-Z0-9._-]{2,30}#", $_POST['way_name']) && isset($_POST['city']) && $_POST['city'] != "" && preg_match("#^[a-zA-Z0-9._-]{2,30}#", $_POST['city']) && isset($_POST['zip_code']) && $_POST['zip_code'] != "" && preg_match("#^[0-9]{5}\$#", $_POST['zip_code'])) {
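            // NOTE(review): the first_name, last_name, way_name and city patterns in the
            // condition above have no end anchor, so only the leading characters are
            // validated. The password fields are required there, but the visible code never
            // checks them against the stored hash before this update runs.
            try {
                // NOTE(review): the database name and root/root credentials are hard-coded;
                // load them from configuration kept out of the source tree and connect with
                // a least-privilege account.
                PDOConnexion::setParameters('phonedeals', 'root', 'root');
                $db = PDOConnexion::getInstance();

                // Every value travels as a bound named placeholder, and each placeholder has
                // exactly one bound value below (PDO rejects a mismatch).
                // Assumes the member table has a zip_code column — confirm against the schema.
                $sql = "
                    UPDATE member
                    SET first_name = :first_name,
                        last_name = :last_name,
                        email = :email,
                        way_num = :way_num,
                        way_type = :way_type,
                        way_name = :way_name,
                        city = :city,
                        zip_code = :zip_code
                    WHERE id = :id
                ";
                $sth = $db->prepare($sql);

                // The row is selected by the id of the member loaded from the session at the
                // top of the script, never by a client-supplied value.
                $sth->execute(array(
                    ':id' => $member->id,
                    ':first_name' => $_POST['first_name'],
                    ':last_name' => $_POST['last_name'],
                    ':email' => $_POST['email'],
                    ':way_num' => $_POST['way_num'],
                    ':way_type' => $_POST['way_type'],
                    ':way_name' => $_POST['way_name'],
                    ':city' => $_POST['city'],
                    ':zip_code' => $_POST['zip_code'],
                ));

                header("location:index.php?page=home");
                // Stop here so nothing else runs or is sent after the redirect header.
                exit;
            } catch (PDOException $e) {
                // Driver messages can expose SQL text and schema names: keep them in the
                // server log and show the visitor a generic message only.
                error_log('Profile update failed: ' . $e->getMessage());
                echo "<p>Erreur: la mise à jour du profil a échoué.</p>";
                die;
            }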
Beispiel #2
<?php

if (!App::isLogged()) {
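    // Login: look the member up by e-mail, verify the password hash, then populate
    // the session and redirect. Any failure ends in the same generic error.
    try {
        // A missing field or an array value (email[]=x) is treated as a failed login
        // instead of reaching the query or the hash check.
        $email = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : null;
        $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : null;

        $member = false;
        if ($email !== null && $password !== null) {
            // NOTE(review): the database name and root/root credentials are hard-coded;
            // load them from configuration kept out of the source tree and connect with
            // a least-privilege account.
            PDOConnexion::setParameters('phonedeals', 'root', 'root');
            $db = PDOConnexion::getInstance();
            $sql = "SELECT id, admin, password FROM member WHERE email = :email";
            $sth = $db->prepare($sql);
            $sth->setFetchMode(PDO::FETCH_CLASS | PDO::FETCH_PROPS_LATE, 'Member');
            $sth->execute(array(':email' => $email));
            $member = $sth->fetch();
        }

        // NOTE(review): an unknown e-mail skips the hash check, so responses for unknown
        // and known accounts may differ in timing even though the message is the same.
        if ($member && Bcrypt::checkPassword($password, $member->password)) {
            if ($member->id > 0) {
                // Issue a fresh session id at the moment privileges change, so an id that
                // was planted or observed before login cannot be reused afterwards.
                if (session_id() !== '') {
                    session_regenerate_id(true);
                }
                $_SESSION['id'] = $member->id;
                $_SESSION['email'] = $email;
                if ($member->admin) {
                    $_SESSION['admin'] = true;
                } else {
                    // Never inherit an admin flag left in the pre-login session data.
                    unset($_SESSION['admin']);
                }
            }
            App::redirect('index.php?page=home');
        } else {
            // Explicit else: the failure handler must not run after a successful login,
            // whether or not App::redirect() terminates the script.
            App::error('Identifiants incorrects !');
        }
    } catch (PDOException $e) {
        // Driver messages can expose connection and schema details: log them
        // server-side and show the visitor a generic message only.
        error_log('Login query failed: ' . $e->getMessage());
        echo 'Erreur de connexion<br />';
        die;
    }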
} else {