This repository was archived by the owner on Jan 25, 2022. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathauthentification.php
More file actions
53 lines (51 loc) · 1.68 KB
/
authentification.php
File metadata and controls
53 lines (51 loc) · 1.68 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
<?php
include_once 'locales/lang.php';
$erreur=CONNEXION;
$user=$_POST['user'] ?? ($_SESSION['user'] ?? null);
$pass=isset($_POST['pass']) ? sha1($_POST['pass']) : ($_SESSION['pass'] ?? null);
if (!is_null($user)) {
$identifiants_valides=count(DM_Core::$d->requete('
SELECT 1
FROM users
WHERE username=? AND password=?'
, [$user, $pass])) === 1;
if ($identifiants_valides) {
$permission_valide=count(DM_Core::$d->requete('
SELECT 1
FROM users_permissions
WHERE username=? AND role=? AND privilege = ?'
, [$user, 'EdgeCreator', 'Admin'])) === 1;
if ($permission_valide) {
$_SESSION['user']=$user;
$_SESSION['pass']=$pass;
$_SESSION['id_user']=DM_Core::$d->user_to_id($user);
setcookie('user',$user,time()+3600, '',Util::DOMAIN);
setcookie('pass',$pass,time()+3600, '',Util::DOMAIN);
setcookie('is_sha1','true',time()+3600, '',Util::DOMAIN);
$erreur='';
}
else {
$erreur = PERMISSION_NON_ACCORDEE;
}
}
else {
$erreur = IDENTIFIANTS_INCORRECTS;
}
}
if (!empty($erreur)) {
?>
<html>
<body>
<?=$erreur?>
<form method="post" action="">
<table border="0">
<tr><td><?=NOM_UTILISATEUR?> :</td><td><input type="text" name="user" /></td></tr>
<tr><td><?=MOT_DE_PASSE?> :</td><td><input type="password" name="pass" /></td></tr>
<tr><td align="center" colspan="2"><input type="submit" value="<?=CONNEXION?>"/></td></tr>
</table>
</form>
</body>
</html>
<?php exit(0);
}
?>