X-Git-Url: https://git.piment-noir.org/?a=blobdiff_plain;f=includes%2Fformlogin.php;h=73cdff0e2f1ed3e899364925902ee1a08cdad50a;hb=db6cae9045820883e6b4c7224fe68c4f4fb9c4e8;hp=8da2e2c02c7a035f655a44fe33f9e31918f283a5;hpb=b5f60f89589412e18b51326378ab13b9a4fa0f19;p=Project_webapp.git
diff --git a/includes/formlogin.php b/includes/formlogin.php
index 8da2e2c..73cdff0 100644
--- a/includes/formlogin.php
+++ b/includes/formlogin.php
@@ -3,14 +3,28 @@ $form_email = filter_input(INPUT_POST, "email", FILTER_VALIDATE_EMAIL);
$form_password = filter_input(INPUT_POST, "password", FILTER_SANITIZE_STRING);
if (!$form_email) {
- echo "The email is not valid
";
-} else {
- $sql_pquery = "select count(NumCI) from CLIENTS where EmailCI = ?";
-
- echo "This email do not belong to a registred client, please register first
";
-
- if (password_verify($form_password, $stored_password)) {
-
+ echo "The email is not valid.
";
+} elseif (isset($form_email) && isset($form_password)) {
+ if (chk_account($form_email)) {
+ if (chk_password($form_email, $form_password)) {
+ // authentification okay, setup session
+ session_regenerate_id(true);
+ $_SESSION['email'] = $form_email;
+ $_SESSION['IP_address'] = $_SERVER['REMOTE_ADDR'];
+ // redirect to required page
+ echo "You're successfully authenticated.
";
+ redirect("index.php", 3);
+ } else {
+ echo "Your password is incorrect for the account email" . $form_email . ".
";
+ echo "Retour";
+ }
+ } else {
+ echo "You do not have an account for the email " . $form_email . ".
";
+ echo "Please register first.";
+ redirect("index.php?page=register", 3);
}
+} else {
+ // didn't authenticate, go back to login form
+ echo "Fail to authenticate.
";
+ redirect("index.php?page=login", 3);
}
-?>