ynerant/plateforme-tfjm2
1
0
Fork 0
mirror of https://gitlab.com/animath/si/plateforme.git synced 2025-06-21 21:18:24 +02:00
Code Issues Releases Wiki Activity

Utilisation des nouvelles classes, amélioration du code

Browse Source
This commit is contained in:
galaxyoyo
2019-09-07 01:33:05 +02:00
parent b5d567e364
commit bffaf4b360
30 changed files with 472 additions and 440 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
server_files/controllers/connexion.php
View File

@ -26,7 +26,7 @@ if (isset($_GET["confirmation-mail"]) && !isset($_SESSION["user_id"])) {
}
function login() {
global $DB, $URL_BASE;
global $URL_BASE;
$email = htmlspecialchars($_POST["email"]);
@ -35,39 +35,39 @@ function login() {
$password = htmlspecialchars($_POST["password"]);
$result = $DB->query("SELECT `id`, `pwd_hash`, `email`, `surname`, `first_name`, `role`, `team_id`, `confirm_email` FROM `users` WHERE `email` = '" . $email . "';");
if (($data = $result->fetch()) === FALSE)
$user = User::fromEmail($email);
if ($user === FALSE)
return "Le compte n'existe pas.";
if ($data["confirm_email"] !== NULL) {
if ($user->getConfirmEmailToken() !== NULL) {
$_SESSION["confirm_email"] = $email;
return "L'adresse mail n'a pas été validée. Veuillez vérifier votre boîte mail (surtout vos spams). <a href=\"$URL_BASE/connexion/confirmation-mail\">Cliquez ici pour renvoyer le mail de confirmation</a>.";
}
if (!password_verify($password, $data["pwd_hash"]))
if (!$user->checkPassword($password))
return "Le mot de passe est incorrect.";
$_SESSION["user_id"] = $data["id"];
$_SESSION["user_id"] = $user->getId();
loadUserValues();
return false;
}
function recuperateAccount() {
global $DB, $MAIL_ADDRESS, $URL_BASE, $YEAR;
global $MAIL_ADDRESS, $URL_BASE;
$email = htmlspecialchars($_POST["email"]);
if (!filter_var($email, FILTER_VALIDATE_EMAIL))
return "L'email entrée est invalide.";
$req = $DB->query("SELECT `id` FROM `users` WHERE `email` = '$email' AND `year` = $YEAR;");
if (!$req->fetch())
$user = User::fromEmail($email);
if ($user == null)
return "Le compte n'existe pas.";
$token = uniqid();
$DB->exec("UPDATE `users` SET `forgotten_password` = '$token' WHERE `email` = '$email' AND `year` = $YEAR;");
$user->setForgottenPasswordToken($token);
$msg = "Bonjour,\r\n\r\n"
. "Vous avez indiqué avoir oublié votre mot de passe. Veuillez cliquer ici pour le réinitialiser : $URL_BASE/connexion/reinitialiser_mdp/$token\r\n\r\n"
@ -81,7 +81,7 @@ function recuperateAccount() {
function resetPassword() {
global $DB, $MAIL_ADDRESS, $reset_data;
$id = $reset_data["id"];
$email = $reset_data["email"];
$password = htmlspecialchars($_POST["password"]);
@ -92,9 +92,9 @@ function resetPassword() {
if ($password != $confirm)
return "Les deux mots de passe sont différents.";
$hash = password_hash($password, PASSWORD_BCRYPT);
$DB->prepare("UPDATE `users` SET `pwd_hash` = ?, `forgotten_password` = NULL WHERE `id` = ?;")->execute([$hash, $id]);
$msg = "Bonjour,\r\n\r\nNous vous informons que votre mot de passe vient d'être modifié. "
@ -106,7 +106,7 @@ function resetPassword() {
}
function sendConfirmEmail() {
global $DB, $URL_BASE, $MAIL_ADDRESS, $YEAR;
global $URL_BASE, $MAIL_ADDRESS, $YEAR;
$email = htmlspecialchars($_SESSION["confirm_email"]);
@ -114,16 +114,16 @@ function sendConfirmEmail() {
header("Location: $URL_BASE/connexion");
exit();
}
$user = User::fromEmail($email);
$data = $DB->query("SELECT `confirm_email` FROM `users` WHERE `email` = '$email' AND `year` = $YEAR;")->fetch();
if ($data === FALSE) {
if ($user === null) {
unset($_SESSION["confirm_email"]);
header("Location: $URL_BASE/connexion");
exit();
}
$confirm_email_uid = $data["confirm_email"];
$confirm_email_uid = $user->getConfirmEmailToken();
$msg = "Bonjour,\r\n\r\nPour confirmer votre adresse mail, cliquez ici : $URL_BASE/confirmer_mail/$confirm_email_uid\r\n\r\n"
. "Cordialement,\r\n\r\nLe comité national d'organisation du TFJM²";