case 'createProfil': $Fname = ""; $Errmsg = ""; $win = 1; $err = 0; if (isset($_POST['login']) && isset($_POST['mdp'])) { if ($_POST['login'] != "" && $_POST['mdp'] != "") { if (uploadFile("logos") == $win) { $Fname = $_FILES['fichier']['name']; } $insert = $pdo->insertUser($_POST['Nom'], $_POST['Prenom'], $_POST['typeUser'], $_POST['Contact'], $_POST['Desc'], $_POST['Site'], date("Y-m-d"), $Fname, $_POST['login'], $_POST['mdp']); } else { $err = 1; $Errmsg = "Entrez un login et mot de passe"; } if (loginExists($_POST['login'])) { $err = 1; $Errmsg = "Ce login existe deja"; } } else { $err = 1; $Errmsg = "Entrez un login et mot de passe"; } if ($err == 1) { $types = $pdo->getUserTypes(); ajouterErreur($Errmsg); include "vues/v_sommaire.php"; include "vues/v_erreurs.php"; include "vues/v_newUser.php"; } if ($err == 0) {
<?php include_once 'include/initialization.php'; $errors = array(); if (!empty($_POST)) { if (empty($_POST['login'])) { $errors['login'] = '******'; } else { if (loginExists($connexion, $_POST['login'])) { $errors['login'] = '******'; } } if (empty($_POST['password'])) { $errors['password'] = '******'; } else { if (strlen($_POST['password']) < 4) { $errors['password'] = '******'; } } if (empty($errors)) { $sql = 'INSERT INTO user(login, hash, secret) VALUES(:login, :hash, :secret)'; $hash = password_hash($_POST['password'], PASSWORD_DEFAULT); $secret = uniqid(); $preparedStatement = $connexion->prepare($sql); $preparedStatement->bindValue('login', $_POST['login']); $preparedStatement->bindValue('hash', $hash); $preparedStatement->bindValue('secret', $secret); if ($preparedStatement->execute()) { $_SESSION['user_secret'] = $secret; redirectTo('index.php');