/** * allow_space * create acces for personal space * @param array $arr attribut 'mon_login', 'nom', 'mon_email', 'mon_password', 'mon_adresse', 'mon_code_postal', 'ma_commune', 'mon_telephone', 'mon_telephone2', * @return json of ok, TXTIDENTIFICATION_ERROR9, TXTIDENTIFICATION_ERROR5, TXTIDENTIFICATION_ERROR10, TXTIDENTIFICATION_ERROR6 */ public static function allow_space($arr) { try { global $db; if ($_SESSION['id']) { /* il faut que toutes les variables du formulaires existent*/ if (isset($arr['mon_login']) && isset($arr['mon_email']) && isset($arr['mon_password']) && isset($arr['mon_adresse']) && isset($arr['mon_code_postal']) && isset($arr['ma_commune']) && isset($arr['mon_telephone']) && isset($arr['mon_telephone2']) && isset($arr['mon_nom'])) { /*il faut que tous les champs soient renseignes*/ if ($arr['mon_login'] != "" && $arr['mon_nom'] != "" && $arr['mon_email'] != "" && $arr['mon_adresse'] != "" && $arr['mon_code_postal'] != "" && $arr['ma_commune'] != "" && $arr['mon_telephone'] != "" && $arr['mon_password'] != "") { /*on crypte le mot de passe pour faire le test*/ $passwordhache = md5($arr['mon_password']); /* on verifie qu'un membre a bien ce pseudo et ce mot de passe*/ $req = $db->prepare('SELECT * FROM identification WHERE login = :login'); $req->execute(array('login' => requetemysql::mysql_escape_mimic($arr['mon_login']))); $resultat = $req->fetch(); /*si il n'y a pas de resultats, on renvoie a la page de connexion*/ if ($resultat) { return TXTIDENTIFICATION_ERROR9; //header('Location: index.php'); } else { $req = $db->prepare('SELECT * FROM identification WHERE mail = :mail'); $req->execute(array('mail' => requetemysql::mysql_escape_mimic($arr['mon_email']))); $resultat = $req->fetch(); if ($resultat) { return TXTIDENTIFICATION_ERROR9; } else { $inscription_tour_de_garde = requetemysql::inscription_espace_perso(array('mon_login' => requetemysql::mysql_escape_mimic($arr['mon_login']), 'mon_email' => requetemysql::mysql_escape_mimic($arr['mon_email']), 'mon_adresse' => requetemysql::mysql_escape_mimic($arr['mon_adresse']), 'mon_code_postal' => requetemysql::mysql_escape_mimic($arr['mon_code_postal']), 'ma_commune' => requetemysql::mysql_escape_mimic($arr['ma_commune']), 'mon_telephone' => requetemysql::mysql_escape_mimic($arr['mon_telephone']), 'mon_telephone2' => requetemysql::mysql_escape_mimic($arr['mon_telephone2']), 'mon_password' => requetemysql::mysql_escape_mimic($passwordhache), 'mon_nom' => requetemysql::mysql_escape_mimic($arr['mon_nom']), 'mon_password2' => requetemysql::mysql_escape_mimic($arr['mon_password']))); return $inscription_tour_de_garde; } } } else { return TXTIDENTIFICATION_ERROR5; } } else { return TXTIDENTIFICATION_ERROR6; } } else { return TXTIDENTIFICATION_ERROR7; } } catch (Exception $e) { return 'Exception -> '; var_dump($e->getMessage()); } }
/* on verifie qu'un membre a bien ce pseudo et ce mot de passe*/ $req = $db->prepare('SELECT * FROM identification WHERE login = :login'); $req->execute(array('login' => requetemysql::mysql_escape_mimic($_POST['mon_login']))); $resultat = $req->fetch(); /*si il n'y a pas de resultats, on renvoie a la page de connexion*/ if ($resultat) { echo json_encode(TXTIDENTIFICATION_ERROR9); //header('Location: index.php'); } else { $req = $db->prepare('SELECT * FROM identification WHERE mail = :mail'); $req->execute(array('mail' => requetemysql::mysql_escape_mimic($_POST['mon_email']))); $resultat = $req->fetch(); if ($resultat) { echo json_encode(TXTIDENTIFICATION_ERROR9); } else { $inscription_tour_de_garde = requetemysql::inscription_tour_de_garde(array('mon_login' => requetemysql::mysql_escape_mimic($_POST['mon_login']), 'mon_email' => requetemysql::mysql_escape_mimic($_POST['mon_email']), 'mon_adresse' => requetemysql::mysql_escape_mimic($_POST['mon_adresse']), 'mon_code_postal' => requetemysql::mysql_escape_mimic($_POST['mon_code_postal']), 'ma_commune' => requetemysql::mysql_escape_mimic($_POST['ma_commune']), 'mon_telephone' => requetemysql::mysql_escape_mimic($_POST['mon_telephone']), 'mon_password' => requetemysql::mysql_escape_mimic($passwordhache), 'mon_nom' => requetemysql::mysql_escape_mimic($_POST['mon_nom']), 'mon_password2' => requetemysql::mysql_escape_mimic($_POST['mon_password']))); echo json_encode($inscription_tour_de_garde); } } } else { echo json_encode(TXTIDENTIFICATION_ERROR8); } } else { echo json_encode(TXTIDENTIFICATION_ERROR5); } } else { echo json_encode(TXTIDENTIFICATION_ERROR6); } } else { echo json_encode(TXTIDENTIFICATION_ERROR7); }