1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
| <?php
include 'entete.php';
/*------------------------------------connexion bdd----------------------------------------------------*/
$host_name = "xxx";
$database = "xxx";
$user_name = "xxx";
$password_base = "xxx";
$bdd = mysqli_connect($host_name, $user_name, $password_base, $database, 3306);
$db_selected = mysqli_select_db($bdd, $database);
if (mysqli_connect_errno())
ecrire_log( "Failed to connect to MySQL: " . mysqli_connect_error());
/*------------------------------------fin connexion bdd------------------------------------------------*/
/*----------------------------------------init variable super - global---------------------------------*/
/**************mode connexion**********************/
$email_connect = $_POST["email_connect"];
$password_connect = $_POST["password_connect"];
/**************fin mode connexion******************/
/*if (isset($_POST["log_out_submit"]))
{
ecrire_log('User submit log out');
session_destroy();
echo "<script type='text/javascript'>document.location.replace('index.php');</script>";
}*/
if (isset($_POST["email_connect"], $_POST["password_connect"]))
{
ecrire_log('the user tries to connect to it');
if ($result = mysqli_query($bdd, "SELECT password FROM t_user WHERE email = '$email_connect'"))
{
$rep = mysqli_fetch_assoc($result);
$_password = $rep['password'];
if (password_verify($password_connect, $_password))
{
session_start();
$_SESSION['email'] = $email_connect;
$_SESSION['password'] = $_password;
print_r("SESSION:");
print_r($_SESSION);
print("POST:");
print_r($_POST);
ecrire_log($_SESSION['email']);
ecrire_log('Email and Password match. User is connected');
echo "<script type='text/javascript'>document.location.replace('profile.php');</script>";
}
else
{
echo "<script type='text/javascript'>document.location.replace('index.php');</script>";
ecrire_log('Email and Password no match. User is no connected');
}
}
else
{
echo "<script type='text/javascript'>document.location.replace('index.php');</script>";
}
}
elseif ($result = mysqli_query($bdd, "INSERT INTO t_user(nom, prenom, age, password, email) VALUE ('$nom', '$prenom', '$age', '$mdphasher', '$email')"))
{
/**************mode inscription********************/
$nom = $_POST["nom"];
$prenom = $_POST["prenom"];
$age = $_POST["age"];
$password = $_POST["password"];
$email = $_POST["email"];
$mdphasher = password_hash($password, PASSWORD_DEFAULT);
/**********fin mode inscription********************/
mysqli_free_result($result);
/*-----------------------Envoi du mail de confirmation d'incription----------------------------------*/
$mail = $email; // Déclaration de l'adresse de destination.
if (!preg_match("#^[a-z0-9._-]+@(hotmail|live|msn).[a-z]{2,4}$#", $mail)) // On filtre les serveurs qui rencontrent des bogues.
$passage_ligne = "\r\n";
else
$passage_ligne = "\n";
//=====Déclaration des messages au format texte et au format HTML.
$message_txt = "Bonjour, $nom $prenom \n voici l'e-mail de confirmation d'inscription.";
$message_html = "<html><head></head><body>Bonjour, $nom $prenom \n voici l'e-mail de confirmation.</body></html>";
//==========
//=====Création de la boundary
$boundary = "-----=".md5(rand());
//==========
//=====Définition du sujet.
$sujet = "Email de confirmation d'inscription";
//=========
//=====Création du header de l'e-mail.
$header = "From: \"xx\"<xxx>".$passage_ligne;
$header.= "Reply-to: \"xx\" <xxx>".$passage_ligne;
$header.= "MIME-Version: 1.0".$passage_ligne;
$header.= "Content-Type: multipart/alternative;".$passage_ligne." boundary=\"$boundary\"".$passage_ligne;
//==========
//=====Création du message.
$message = $passage_ligne."--".$boundary.$passage_ligne;
//=====Ajout du message au format texte.
$message.= "Content-Type: text/plain; charset=\"ISO-8859-1\"".$passage_ligne;
$message.= "Content-Transfer-Encoding: 8bit".$passage_ligne;
$message.= $passage_ligne.$message_txt.$passage_ligne;
//==========
$message.= $passage_ligne."--".$boundary.$passage_ligne;
//=====Ajout du message au format HTML
$message.= "Content-Type: text/html; charset=\"ISO-8859-1\"".$passage_ligne;
$message.= "Content-Transfer-Encoding: 8bit".$passage_ligne;
$message.= $passage_ligne.$message_html.$passage_ligne;
//==========
$message.= $passage_ligne."--".$boundary."--".$passage_ligne;
$message.= $passage_ligne."--".$boundary."--".$passage_ligne;
//==========
//=====Envoi de l'e-mail.
mail($mail,$sujet,$message,$header);
//==========
/*-------------------FIN Envoi du mail de confirmation d'incription----------------------------------*/
echo "<script type='text/javascript'>document.location.replace('index.php');</script>";
}
else
{
ecrire_log('impossible to insert in the existing email database');
echo "<script type='text/javascript'>document.location.replace('index.php');</script>";
}
mysqli_close($result);
?> |
session
Répondre avec citation
Partager