1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32
| <?php
// on teste si le visiteur a soumis le formulaire de connexion
if (isset($_POST['connexion'])) {
echo '<script language="Javascript"> Connexion OK ! </script>';
if ( !empty($_POST['login']) && !empty($_POST['pass'])) {
$id = mysql_connect ('localhost', 'root', '');
mysql_select_db ('lcesa', $id);
// on teste si une entrée de la base contient ce couple login / pass
$sql = 'SELECT count(*) as nb FROM auth_table WHERE username="'.mysql_escape_string($_POST['login']).'" AND password="'.mysql_escape_string(($_POST['pass'])).'"';
$req = mysql_query($sql) or die('Erreur SQL !<br />'.$sql.'<br />'.mysql_error());
$result=mysql_fetch_assoc($req);
if ($result['nb'] == 1) {
header('Location: ajouter.php');
}
elseif ( empty($_POST['login']) or empty($_POST['pass'])) {
$_GET['erreur']="Erreur Login ou mot de passe";
//$_GET['erreur']=$erreur
header('Location: ajouter.php?erreur=1');
}
mysql_close();
}
}
?> |