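<?php
// Profile page handlers for a logged-in member: account deletion and profile
// edit. Both are plain POST handlers; the enclosing if/edit/validation scopes
// are closed further down the file, outside this span.
if (App::isLogged()) {
    $member = Member::getMemberById($_SESSION['id']);

    // NOTE(review): both handlers below change or destroy the account on a
    // bare POST with no CSRF token. The form is not visible here, so a
    // session-bound token check still has to be added on both paths.
    // NOTE(review): DB credentials are hard-coded ('root'/'root'); they
    // belong in configuration outside the web root, not in a page script.

    // --- account deletion: re-authenticates with the current password -----
    if (isset($_POST['delete'])) {
        $password = $_POST['password'] ?? '';
        $confirm  = $_POST['password-confirm'] ?? '';

        // Strict comparison: '==' on two numeric-looking strings compares
        // them as numbers ("1e3" == "1000"), which is not what we want here.
        if ($password !== $confirm) {
            echo $msg->error('Les deux mots de passe ne correspondent pas', 'index.php?page=profile');
        } elseif (!Bcrypt::checkPassword($password, $member->password)) {
            echo $msg->error('Le mot de passe entré est incorrect, veuillez réessayer', 'index.php?page=profile');
        } else {
            Member::deleteMember($member->id);
            // Only the session variables are cleared, as in the original; the
            // flash message below presumably still needs the session itself.
            session_unset();
            $msg->success('Votre compte à bien été supprimé', 'index.php?page=home');
        }
    }

    // --- profile edit ------------------------------------------------------
    if (isset($_POST['edit'])) {
        // Read every field once; a missing field becomes '' and fails validation
        // instead of raising undefined-index notices.
        $firstName = $_POST['first_name'] ?? '';
        $lastName  = $_POST['last_name'] ?? '';
        $email     = $_POST['email'] ?? '';
        $password  = $_POST['password'] ?? '';
        $confirm   = $_POST['password-confirm'] ?? '';
        $wayNum    = $_POST['way_num'] ?? '';
        $wayType   = $_POST['way_type'] ?? '';
        $wayName   = $_POST['way_name'] ?? '';
        $city      = $_POST['city'] ?? '';
        $zipCode   = $_POST['zip_code'] ?? '';

        // Whitelist validation. The original name/street/city patterns had no
        // trailing anchor, so "ab<script>" was accepted as long as it *started*
        // with two allowed characters; every pattern is now a full match, in
        // line with the way_num / zip_code / email patterns that already were.
        // (The character classes are unchanged: spaces and accented letters
        // were never accepted — flagging rather than widening here.)
        $valid = $firstName !== '' && preg_match('#^[a-zA-Z._-]{2,32}$#', $firstName)
            && $lastName !== '' && preg_match('#^[a-zA-Z._-]{2,32}$#', $lastName)
            && $email !== '' && preg_match('#^[a-z0-9._-]+@[a-z0-9._-]{2,}\.[a-z]{2,4}$#', $email)
            && $password !== '' && $confirm === $password
            && $wayNum !== '' && preg_match('#^[0-9]{1,}$#', $wayNum)
            && $wayType !== ''
            && $wayName !== '' && preg_match('#^[a-zA-Z0-9._-]{2,30}$#', $wayName)
            && $city !== '' && preg_match('#^[a-zA-Z0-9._-]{2,30}$#', $city)
            && $zipCode !== '' && preg_match('#^[0-9]{5}$#', $zipCode);

        if ($valid) {
            // The password pair is mandatory on the form but the original code
            // never used it. The delete handler above treats the same pair as
            // the *current* password, so it is verified the same way here, as
            // a re-authentication step before account data (incl. the login
            // e-mail) is changed.
            // NOTE(review): if the field is meant to set a NEW password, hash
            // it with Bcrypt and add `password = :password` to the UPDATE.
            if (!Bcrypt::checkPassword($password, $member->password)) {
                echo $msg->error('Le mot de passe entré est incorrect, veuillez réessayer', 'index.php?page=profile');
            } else {
                try {
                    PDOConnexion::setParameters('phonedeals', 'root', 'root');
                    $db = PDOConnexion::getInstance();

                    // Fixes against the original statement: a trailing comma
                    // before WHERE (SQL syntax error), zip_code was bound but
                    // had no placeholder (PDO rejects the extra parameter), and
                    // :id was bound to an undefined $id instead of the member.
                    // NOTE(review): e-mail is the login key (see the login
                    // page) but uniqueness is not enforced here — a duplicate
                    // e-mail would make the login lookup ambiguous.
                    $sql = 'UPDATE member
                            SET first_name = :first_name,
                                last_name = :last_name,
                                email = :email,
                                way_num = :way_num,
                                way_type = :way_type,
                                way_name = :way_name,
                                city = :city,
                                zip_code = :zip_code
                            WHERE id = :id';
                    $sth = $db->prepare($sql);
                    $sth->execute([
                        ':id'         => $member->id,
                        ':first_name' => $firstName,
                        ':last_name'  => $lastName,
                        ':email'      => $email,
                        ':way_num'    => $wayNum,
                        ':way_type'   => $wayType,
                        ':way_name'   => $wayName,
                        ':city'       => $city,
                        ':zip_code'   => $zipCode,
                    ]);

                    // Stop rendering after the redirect header; the original
                    // fell through and kept executing the rest of the page.
                    header('Location: index.php?page=home');
                    exit;
                } catch (PDOException $e) {
                    // Keep driver details (table/column names, DSN) in the
                    // server log; the user gets a generic message.
                    error_log('member update failed: ' . $e->getMessage());
                    echo '<p>Erreur: la mise à jour du profil a échoué.</p>';
                    die;
                }
            }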
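<?php
// Login handler: looks the member up by e-mail, verifies the bcrypt hash and
// populates the session. The `else` branch (already logged in) continues
// outside this span.
if (!App::isLogged()) {
    try {
        // Missing fields become '' and simply fail the lookup instead of
        // raising undefined-index notices when the page is opened via GET.
        $email = $_POST['email'] ?? '';
        $password = $_POST['password'] ?? '';

        // NOTE(review): hard-coded 'root'/'root' DB credentials — move to
        // configuration outside the web root.
        PDOConnexion::setParameters('phonedeals', 'root', 'root');
        $db = PDOConnexion::getInstance();
        $sql = 'SELECT id, admin, password FROM member WHERE email = :email';
        $sth = $db->prepare($sql);
        $sth->setFetchMode(PDO::FETCH_CLASS | PDO::FETCH_PROPS_LATE, 'Member');
        $sth->execute([':email' => $email]);
        $member = $sth->fetch();

        // Success requires a row, a matching hash and a usable id. The
        // original redirected even when id <= 0 without setting any session
        // state; that case now falls through to the generic error.
        if ($member && Bcrypt::checkPassword($password, $member->password) && $member->id > 0) {
            // Issue a fresh session id on privilege change so an id planted
            // before login (session fixation) is not promoted to a logged-in one.
            session_regenerate_id(true);
            $_SESSION['id'] = $member->id;
            $_SESSION['email'] = $email;
            // Never inherit an 'admin' flag left over from an earlier login
            // in the same session; set it only from this member's row.
            unset($_SESSION['admin']);
            if ($member->admin) {
                $_SESSION['admin'] = true;
            }
            App::redirect('index.php?page=home');
            // Harmless if App::redirect already exits; otherwise prevents the
            // error call below from running after a successful login.
            exit;
        }

        // Same message whether the e-mail or the password was wrong (no user
        // enumeration). NOTE(review): there is no rate limiting or lockout on
        // repeated failures.
        App::error('Identifiants incorrects !');
    } catch (PDOException $e) {
        // Driver details go to the server log, not to the browser.
        error_log('login failed: ' . $e->getMessage());
        echo 'Erreur de connexion.<br />';
        die;
    }
} else {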