Is the security of my source code any good?
Hi! :)
Here is my source code:
What do you think of it (security-wise)?
Can it be cracked?
Are there any vulnerabilities in my code?
How can I improve it?
Page index.php
Code:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="fr" lang="fr">
<head>
    <title>Connexion au site</title>
    <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
    <link rel="stylesheet" media="screen" type="text/css" title="Design" href="Designs/Design.css" />
</head>
<body>
    <form method="post" action="VerifLogin.php">
        <table border="0" width="400" align="center">
            <tr>
                <td width="200"><b>Vôtre login</b></td>
                <td width="200">
                    <input type="text" name="login" />
                </td>
            </tr>
            <tr>
                <td width="200"><b>Vôtre mot de passe</b></td>
                <td width="200">
                    <input type="password" name="password" />
                </td>
            </tr>
            <tr>
                <td colspan="2">
                    <input type="submit" name="submit" value="Login" />
                </td>
            </tr>
        </table>
    </form>
</body>
</html>
----------------------------------------------------------------
Page VerifLogin.php
Code:
<?php
// Only handle requests that come from the login form's submit button.
if (isset($_POST['submit']) && $_POST['submit'] == 'Login')
{
    // Both fields must be present and non-empty.
    if ((isset($_POST['login']) && !empty($_POST['login'])) && (isset($_POST['password']) && !empty($_POST['password'])))
    {
        // Credentials are compared against values hardcoded in the source.
        if ($_POST['login'] == 'login' And $_POST['password'] == 'password')
        {
            session_start();
            $loginOK = $_POST['login'];
            $_SESSION['login'] = $loginOK;
            header('Location: Bienvenue.php');
            exit();
        }
        else
        {
            header('Location: index.php');
            exit();
        }
    }
    else
    {
        header('Location: index.php');
        exit();
    }
}
else
{
    header('Location: index.php');
    exit();
}
?>
----------------------------------------------------------
Page Bienvenue.php
Code:
<?php
session_start();
if (isset($_SESSION['login']))
{
?>
<p>helo world</p>
<p><a href="deconnexion.php">Deconnexion</a> !</p>
<?php
}
else
{
    header ('Location: index.php');
    exit();
}
?>
---------------------------------------------------------------
Page deconnexion.php
Code:
<?php
session_start();
session_unset();
session_destroy();
header('Location: index.php');
exit();
?>
Thanks!
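
As an added example (not part of the original post), here is a hardened version of VerifLogin.php: it replaces the plaintext credentials in the source with a stored password hash, regenerates the session ID on login and exits after every redirect. The config file path, its array keys, the redirect() helper and the HTTPS assumption are hypothetical.

```php
<?php
declare(strict_types=1);

// Added example, not the poster's code. Assumption: a single account whose
// password hash was created once with password_hash() and is kept in a
// hypothetical file outside the web root, returning
// ['login' => '...', 'hash' => '...'].
$account = require __DIR__ . '/../config/account.php';

// Hypothetical helper: every redirect is followed by exit().
function redirect(string $page): void
{
    header('Location: ' . $page);
    exit();
}

// Cookie flags must be set before session_start() (array form: PHP 7.3+).
session_set_cookie_params([
    'httponly' => true,   // session cookie not readable from JavaScript
    'secure'   => true,   // assumes the site is served over HTTPS
    'samesite' => 'Lax',
]);
session_start();

$login    = $_POST['login'] ?? '';
$password = $_POST['password'] ?? '';

// Reject arrays (login[]=x) and empty values before any comparison.
if (!is_string($login) || !is_string($password) || $login === '' || $password === '') {
    redirect('index.php');
}

// Evaluate both checks every time so the response time does not reveal
// whether the login name alone was correct.
$loginOk    = hash_equals($account['login'], $login);
$passwordOk = password_verify($password, $account['hash']);

if (!($loginOk && $passwordOk)) {
    redirect('index.php');
}

// Issue a fresh session ID at login so a pre-set ID cannot be reused
// (session fixation), then mark the session as authenticated.
session_regenerate_id(true);
$_SESSION['login'] = $account['login'];
redirect('Bienvenue.php');
```

This sketch does not add login-attempt throttling, which the original code also lacks.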