1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26
| <?php
// on teste si le visiteur a soumis le formulaire de connexion
if (isset($_POST['connexion'])) {
if ((isset($_POST['login']) && !empty($_POST['login'])) && (isset($_POST['pass']) && !empty($_POST['pass']))) {
mysql_connect ('localhost', 'root', '');
mysql_select_db ('lcesa', $base);
// on teste si une entrée de la base contient ce couple login / pass
$sql = 'SELECT count(*) FROM auth_table WHERE username="'.mysql_escape_string($_POST['login']).'" AND password="'.mysql_escape_string(($_POST['pass'])).'"';
$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
$result=mysql_fetch_object($req);
$result2=$result;
if ($result2==true) {
header('Location: ajouter.php');
}
else {
header ('Location: connexion.php');
}
mysql_close();
}
}
?> |