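/**
 * Opens the persistent MySQL connection and looks the HTTP Basic caller up
 * in the `user` table.
 *
 * The request is ended (exit) when the server or the database cannot be
 * reached, or when the credential lookup fails or matches no row.
 *
 * NOTE(review): the mysql_* functions used here were removed in PHP 7.
 * Moving to mysqli/PDO changes the type of the returned handle, so callers
 * must be migrated together with this function.
 *
 * @param bool $check_validity Not read anywhere in this function.
 * @return resource Link identifier returned by mysql_pconnect().
 */
function Connexion($check_validity = TRUE)
{
    // The connection settings are defined in a separate file.
    global $WIKISERVER, $WIKILOGIN, $WIKIBASEPASSWORD, $BASE;

    // No Basic credentials were sent with the request.
    // NOTE(review): execution continues past this call unless
    // authentification() itself ends the request - confirm.
    if (!isset($_SERVER["PHP_AUTH_USER"]) || !isset($_SERVER["PHP_AUTH_PW"])) {
        authentification();
    }

    $connexion = mysql_pconnect($WIKISERVER, $WIKILOGIN, $WIKIBASEPASSWORD);
    if (!$connexion) {
        echo gettext("Sorry, impossible connexion to server");
        exit;
    }

    if (!mysql_select_db($BASE, $connexion)) {
        echo gettext("Sorry, impossible connexion to database");
        // The driver message goes to the server log only: it can name the
        // schema, the host or the account, and this branch is reachable
        // before the caller has been authenticated.
        error_log("Connexion: mysql_select_db failed: " . mysql_error($connexion));
        exit;
    }

    // from the manual, Chapter 16
    // NOTE(review): the two compared values are masked in this listing. If
    // they are built from PHP_AUTH_USER / PHP_AUTH_PW, each one must go
    // through mysql_real_escape_string($value, $connexion) before it is
    // placed in the statement; both are client-controlled. The statement
    // also looks like it compares the password column directly - confirm
    // how passwords are stored.
    $query = "SELECT my_username FROM user WHERE my_login='******' and my_password='******'";
    $result = mysql_query($query, $connexion);

    // A failed query is treated like a non-matching login, explicitly,
    // instead of relying on mysql_num_rows(false) comparing equal to 0.
    if ($result === false || mysql_num_rows($result) === 0) {
        authentification();
        echo gettext("Sorry, wrong username or password");
        exit;
    }

    return $connexion;
}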
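<?php
// Login controller: checks the posted pseudo/password through the model and,
// on success, opens the user session; the index view is rendered in all cases.
include_once '../Model/authentification.php';

// Both fields must be plain strings: a request can send pseudo[]=... and
// turn either value into an array, which strip_tags()/sha1() do not accept.
if (isset($_POST['pseudo'], $_POST['password'])
    && is_string($_POST['pseudo'])
    && is_string($_POST['password'])
) {
    $pseudo = strip_tags($_POST['pseudo']);

    // NOTE(review): unsalted SHA-1 is not a password hash, and strip_tags()
    // alters the password before it is hashed. Both are kept because
    // authentification() and the stored values expect exactly this digest;
    // moving to password_hash()/password_verify() has to be done in the
    // model and the stored data at the same time.
    $passH = sha1(strip_tags($_POST['password']));

    $per = authentification($pseudo, $passH);
    if ($per) {
        session_start();
        // Issue a fresh session id at login so that an id set in the browser
        // before authentication is not promoted to a logged-in session.
        session_regenerate_id(true);
        $_SESSION['USER_ID'] = $per['id'];
        $_SESSION['USER_PSEUDO'] = $pseudo;
    }
}

include_once '../View/index.php';
?>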
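<?php
session_start();
include_once "connexion.php";
include_once "fonctions.php";

// Account page controller: handles login, sign-up and profile-update posts,
// then fills main.html with the fragments and values for the current user.

/* Error messages shown when login, sign-up or profile update fails */
$erreurCo = "";
$erreurCrea = "";
$erreurModif = "";

// empty() is used for every read of the 'connecte' flag so that a session
// which does not hold the key yet counts as "not logged in" without a notice.
if (isset($_POST['login']) && isset($_POST['password']) && empty($_SESSION['connecte'])) {
    $erreurCo = authentification($dbh);
}
if (isset($_POST['nlogin']) && isset($_POST['npassword']) && isset($_POST['npasswordV'])) {
    $erreurCrea = inscription($dbh);
}
if (isset($_POST['infoPassword'])) {
    $erreurModif = modifInfoUser($dbh);
}

$infos_user = getInfosUser($dbh);

/* Load the page template into a buffer */
$html = recupererHTML("../main.html");

// The profession is written into a single-quoted value='...' attribute, so
// quotes and angle brackets are escaped; the value presumably comes from the
// profile form handled by modifInfoUser() - verify.
$infoProf = "";
if (isset($infos_user->profession)) {
    $infoProf = "value='" . htmlspecialchars($infos_user->profession, ENT_QUOTES, 'UTF-8') . "'";
}

/* Placeholder => replacement table */
// NOTE(review): the three error strings are inserted as returned; confirm
// the functions producing them never copy request data into the message.
$remplacement = array(
    '%navbar%' => recupererHTML("../html/navbar.html"),
    '%contenu%' => !empty($_SESSION['connecte']) ? recupererHTML("../html/compte.html") : recupererHTML("../html/accueil.html"),
    '%scripts%' => "",
    '%accueilActif%' => 'class="active"',
    '%questActif%' => "",
    '%statActif%' => "",
    '%deconnexion%' => !empty($_SESSION['connecte']) ? '<ul class="nav navbar-nav navbar-right"><li><a href="../php/deconnexion.php">Deconnexion</a></li></ul>' : '',
    '%erreurCo%' => $erreurCo,
    '%erreurCrea%' => $erreurCrea,
    '%erreurModif%' => $erreurModif,
    '%selGNull%' => !isset($infos_user->genre) ? "selected" : "",
    '%selGHom%' => $infos_user->genre == "homme" ? "selected" : "",
    '%selGFem%' => $infos_user->genre == "femme" ? "selected" : "",
    '%infoProf%' => $infoProf,
    '%infoFrT%' => $infos_user->fr_natif ? 'checked' : '',
    '%infoFrF%' => !$infos_user->fr_natif ? 'checked' : '',
);

/* Substitute the placeholders of the view with the page data */
$html = remplacerContenu($html, $remplacement);
echo $html;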
<?php
include 'lib/PDO.php';
include 'lib/user.php';
include 'lib/random_password.php';

// Connection front controller. Three outcomes:
//   ?action=off          -> log the user out
//   POST action=login    -> authenticate when both credential fields are present
//   anything else        -> show the login view
// NOTE(review): logout is a state change triggered by a plain GET request;
// confirm that is intended. The posted credentials are handed to
// authentification() unchanged, so any validation has to happen there.
$demandeDeconnexion = !empty($_GET['action']) && $_GET['action'] == 'off';
$demandeLogin = !empty($_POST['action']) && $_POST['action'] == 'login';

if ($demandeDeconnexion) {
    include 'modele/connexion/deconnexion.php';
    deconnexion();
} elseif ($demandeLogin) {
    // A login post without both fields produces no output at all.
    if (isset($_POST['pseudo'], $_POST['password'])) {
        include 'modele/connexion/authentification.php';
        authentification($_POST['pseudo'], $_POST['password']);
    }
} else {
    include 'vue/connexion/connexion.php';
}
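*/
// NOTE(review): the response body below is a JSONP script call, not a JSON
// document, while this header declares application/json. The callback wrapper
// also makes the login result readable from other origins - confirm both are
// intended.
header('Content-type: application/json');
include_once "./mysql_connect.php";

/* INPUT */
$EMAIL = set_value('EMAIL', '');
$PASSWORD = set_value('PASSWORD', '');
$SERVER_URL = set_value('SERVER_URL', 'http://refresh.nouvelingenieur.fr');

/**
 * Looks for a user row matching the submitted e-mail hash and password hash.
 *
 * NOTE(review): the values are compared with sha1('') and with hash_* columns,
 * so they presumably arrive already hashed. If the client computes them, the
 * stored hash is equivalent to the password for anyone who obtains it - verify
 * against set_value() and the client code.
 *
 * @param string $EMAIL    Value matched against the hash_mail column.
 * @param string $PASSWORD Value matched against the hash_pass column.
 * @return array 'SUCCESS' ('True' or 'False') and a translated 'MESSAGE'.
 */
function authentification($EMAIL, $PASSWORD)
{
    // sha1('') is what an empty field looks like once hashed.
    $hashVide = sha1('');

    // Each empty field now reports its own name; the two messages were
    // attached to the opposite checks.
    if ($EMAIL === $hashVide) {
        return array('SUCCESS' => 'False', 'MESSAGE' => _('Email missing'));
    }
    if ($PASSWORD === $hashVide) {
        return array('SUCCESS' => 'False', 'MESSAGE' => _('Password missing'));
    }

    $hash_log = $EMAIL;
    $hash_pass = $PASSWORD;

    // NOTE(review): the hash_pass comparison is masked in this listing, so the
    // second escaped argument has no placeholder in the format string as shown;
    // confirm the real statement binds it, otherwise the password is not checked.
    // NOTE(review): is_valid and privileges are selected but never read; confirm
    // whether an account with is_valid unset is supposed to be able to log in.
    // '@' keeps driver warnings out of the JSONP body; the failure itself is
    // handled just below instead of being ignored.
    $result = @mysql_query(sprintf("SELECT user_id,is_valid,privileges FROM user WHERE hash_mail='%s' AND hash_pass='******'", mysql_real_escape_string($hash_log), mysql_real_escape_string($hash_pass)));

    if ($result === false) {
        // Details stay in the server log; the client gets the generic answer.
        error_log('authentification: user lookup query failed: ' . mysql_error());
    }

    // A failed query is refused exactly like a non-matching login.
    if ($result === false || mysql_num_rows($result) === 0) {
        return array('SUCCESS' => 'False', 'MESSAGE' => _('Email and password do not match'));
    }

    return array('SUCCESS' => 'True', 'MESSAGE' => _('You are now logged in'));
}

$array = authentification($EMAIL, $PASSWORD);

// HTML-encode every string before it is serialised, since the client may
// insert the message into the page.
array_walk_recursive($array, function (&$item, $key) {
    if (is_string($item)) {
        $item = htmlentities($item);
    }
});

echo "Ext.util.JSONP.callback(" . json_encode(array("data" => $array)) . ")";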
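/**
 * Builds the site header.
 * Visitors get the login / sign-up links with their modal forms;
 * authenticated members get a personalised greeting and a logout button.
 *
 * A login post (fields "login" and "password") is processed first. A sign-up
 * post (fields "inscrPseudo" and "inscrMail") is processed only while the
 * visitor is not logged in.
 *
 * @param PDO $dbh Database handle; it is used with PDO::FETCH_OBJ below.
 * @return mixed Whatever remplacerContenu() returns for the filled template.
 */
function afficheHeader($dbh)
{
    $html = recupererHTML("../html/bandeau.html");
    $espaceConnexion = "";
    $modalInscription = "";
    $modalConnexion = "";
    $modalConfirmation = "";

    // Both credentials must be present and be plain strings (a request can
    // send login[]=... and turn either value into an array).
    if (isset($_POST["login"], $_POST["password"])
        && is_string($_POST["login"])
        && is_string($_POST["password"])
        && $_POST["password"] !== ""
    ) {
        $login = $_POST["login"];
        $authOk = authentification($dbh, $login, $_POST["password"]);
        $_SESSION["estConnecte"] = $authOk;

        // Role and pseudo are stored only after a successful check, so a
        // failed attempt no longer writes the submitted name into the session.
        if ($authOk) {
            // Fresh session id at login, when a session is active and the
            // cookie can still be sent, so a pre-login id is not reused.
            if (session_id() !== '' && !headers_sent()) {
                session_regenerate_id(true);
            }

            // The login is bound as a parameter instead of being concatenated
            // into the statement.
            $stmt = $dbh->prepare("SELECT role FROM utilisateur WHERE pseudo = ?");
            $stmt->execute(array($login));
            $ligne = $stmt->fetch(PDO::FETCH_OBJ);

            // fetch() yields false when no row matches.
            $_SESSION["role"] = $ligne ? $ligne->role : null;
            $_SESSION["pseudo"] = $login;
        }
    }

    if (isset($_SESSION["estConnecte"]) && $_SESSION["estConnecte"]) {
        // The pseudo is user-chosen text: escape it for the HTML body.
        $pseudoHtml = isset($_SESSION["pseudo"])
            ? htmlspecialchars($_SESSION["pseudo"], ENT_QUOTES, 'UTF-8')
            : '';
        $espaceConnexion = ' <div class="account" id="logged"> Bienvenue, ' . $pseudoHtml
            . ' ! <form method="post"> <button type="submit" id="deConnexion" value="Deconnexion" name="deConnexion">Deconnexion</button> </form> </div> ';
    } else {
        $espaceConnexion = ' <nav class="main-nav"> <ul> <li><a class="connexion lien" href="#conn">Se connecter</a></li> <li><a class="inscription lien" href="#inscr">S\'inscrire</a></li> </ul> </nav> ';

        // PHP_SELF includes any extra path the client appends to the script
        // URL, so it is escaped before being written into an attribute.
        $self = $_SERVER['PHP_SELF'];
        $selfHtml = htmlspecialchars($self, ENT_QUOTES, 'UTF-8');

        $modalInscription = ' <div id="inscr" class="modal"> <div> <a href="#fermer" title="Fermer" class="fermer">X</a> <h2>INSCRIPTION</h2> <form action="' . $selfHtml
            . '#conf" method="post"> <label for="inscrPseudo">Pseudo</label> <input type="text" name="inscrPseudo" id="inscrPseudo" placeholder="Pseudo" required><br> <label for="inscrMail">Mail</label> <input type="text" name="inscrMail" id="inscrMail" placeholder="*****@*****.**" required><br> <button type="submit" class="submit">Je m\'inscris !</button> </form> </div> </div> ';

        // On the two detail pages the login form posts back to the same item,
        // so the id query parameter is carried over (URL-encoded).
        $pagesAvecId = array(
            "/1000k_web/php/consulter_technote.php",
            "/1000k_web/php/consulter_question.php",
        );
        $pageActuelle = $self;
        if (in_array($self, $pagesAvecId, true) && isset($_GET["id"]) && is_string($_GET["id"])) {
            $pageActuelle = $self . "?id=" . rawurlencode($_GET["id"]);
        }
        $pageActuelleHtml = htmlspecialchars($pageActuelle, ENT_QUOTES, 'UTF-8');

        $modalConnexion = ' <div id="conn" class="modal"> <div> <a href="#fermer" title="Fermer" class="fermer">X</a> <h2>CONNEXION</h2> <form action="' . $pageActuelleHtml
            . '" method="post"> <label for="connPseudo">Pseudo</label> <input type="text" name="login" id="connPseudo" placeholder="Pseudo" required><br> <label for="connMDP">Mail</label> <input type="password" name="password" id="connMDP" placeholder="*****" required><br> <button type="submit" class="submit">Je me connecte !</button> </form> </div> </div> ';

        if (isset($_POST["inscrPseudo"]) && isset($_POST["inscrMail"])) {
            // NOTE(review): $message is inserted as returned. If
            // creationCompte() copies the submitted pseudo or mail into it,
            // it has to escape them there - verify.
            $message = creationCompte($_POST["inscrMail"], $_POST["inscrPseudo"], $dbh);
            $modalConfirmation = ' <div id="conf" class="modal"> <div> <a href="#fermer" title="Fermer" class="fermer">X</a> <h2>CONFIRMATION</h2> <span>' . $message . '</span> </div> </div> ';
        }
    }

    $remplacement = array(
        '%espaceConnexion%' => $espaceConnexion,
        '%modalInscription%' => $modalInscription,
        '%modalConnexion%' => $modalConnexion,
        '%modalConfirmation%' => $modalConfirmation,
    );

    return remplacerContenu($html, $remplacement);
}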