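// Login handler: looks the member up by e-mail, checks the password hash,
// opens the session and optionally sets the "remember me" cookies.

// NOTE(review): htmlspecialchars() is an HTML *output* encoder, not SQL escaping.
// It is kept on both values only so they still match whatever the registration
// code stored/hashed — TODO confirm against the sign-up script and drop it here.
$email = htmlspecialchars($_POST['email'] ?? '');
$password = htmlspecialchars($_POST['password'] ?? '');

// NOTE(review): root with an empty password is a development setup; a deployed
// site should connect with a dedicated, least-privilege database account.
$mysqli = new mysqli('127.0.0.1', 'root', '', 'philippe');

$found = false;
$dbEmail = '';
$token = '';
$pass = '';

// The e-mail is bound as a parameter instead of being concatenated into the
// SQL text, so its content can no longer change the structure of the query.
$stmt = $mysqli->prepare('SELECT email, token, password FROM membre WHERE email = ?');
if ($stmt !== false && $stmt->bind_param('s', $email) && $stmt->execute()) {
    $stmt->bind_result($dbEmail, $token, $pass);
    // fetch() returns true only when a row was read (null = no row, false = error).
    $found = $stmt->fetch() === true;
    $stmt->close();
}
$mysqli->close();

// Query failure, unknown e-mail and wrong password all get the same redirect,
// and the script stops there: header() alone does not end execution.
if (!$found || !password_verify($password, (string) $pass)) {
    header('Location: index.php?error=1');
    exit;
}

// Issue a fresh session id on login so an id known before authentication
// is not carried over into the authenticated session.
if (session_status() === PHP_SESSION_ACTIVE) {
    session_regenerate_id(true);
}
$_SESSION['email'] = $email;

if (isset($_POST["rememberme"])) {
    $expires = time() + 365 * 24 * 3600;
    // HttpOnly is set (last argument). The Secure flag is false, which only
    // suits plain-HTTP localhost; it should be true once served over HTTPS.
    // NOTE(review): the token cookie acts as a one-year credential — verify that
    // the code consuming it compares with hash_equals() and that the token is
    // random and rotated; that code is not visible here.
    setcookie("email", $email, $expires, '/', 'localhost', false, true);
    setcookie("token", (string) $token, $expires, '/', 'localhost', false, true);
    // The debug print_r($_COOKIE) was removed: it exposed cookie values and
    // produced output before the Location header below.
}

header('Location: bienvenue.php');
exit;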