LOGIN.PHP<?php require 'php/config.php';if(!empty($_POST['submit']

1. LOGIN.PHP
2.  
3.  
4.  
5. <?php
6. require 'php/config.php';
7.  
8. if(!empty($_POST['submit'])){
9. $errors = array();
10. $email = htmlentities($_POST['email']);
11. $password = $_POST['password'];
12.  
13. if (!empty($email) && !empty($password)){
14. $req = $pdo->prepare("SELECT * FROM users WHERE email = ? AND confirmed_at IS NOT NULL");
15. $req->execute([$email]);
16. $user = $req->fetch();
17. if(password_verify($password, $user['password'])){
18. $_SESSION['auth'] = $user;
19. header('Location: #.php');
20. exit();
21. }else{
22. $errors['invalid'] = "Identifiant ou mot de passe incorrectes";
23. }
24. }else{
25. $errors['fill'] = "Veuillez remplire tous les champs";
26. }
27. }
28.  
29. ?>
30. <?php include 'views/login.view.php'; ?>
31.  
32.  
33.  
34.  
35.  
36. LOGIN.VIEW.PHP
37.  
38.  
39.  
40.  
41.  
42. <?php
43.  
44. if(isset($errors) && !empty($errors)){
45. foreach($errors as $error){
46. echo $error;
47. }
48. }
49.  
50. ?>
51. <form method="POST">
52. <input type="text" name="email" placeholder="E-mail">
53. <input type="password" name="password" placeholder="Password">
54. <input type="submit" name="submit" value="Log In">
55. </form>
56.  
57.  
58.  
59.  
60. REGISTER.PHP
61.  
62.  
63.  
64. <?php
65. require 'php/config.php';
66.  
67. if(!empty($_POST['submit'])){
68. $errors = array();
69. $username = htmlentities($_POST['username']);
70. $email = htmlentities($_POST['email']);
71. $password = $_POST['password'];
72. $passwordConfirm = $_POST['passwordConfirm'];
73.  
74. if(empty($username) || !preg_match('/^[a-zA-Z0-9_]+$/', $username)){
75. $errors['username'] = "Votre pseudonyme n'est pas valide";
76. }else{
77. $req = $pdo->prepare("SELECT id FROM users WHERE username = ?");
78. $req->execute([$username]);
79. $user = $req->fetch();
80. if($user){
81. $errors['username'] = "Ce pseudonyme est deja utilisé";
82. }
83. }
84.  
85. if(empty($email) || !filter_var($email, FILTER_VALIDATE_EMAIL)){
86. $errors['email'] = "Votre adresse e-mail n'est pas valide";
87. }else{
88. $req = $pdo->prepare("SELECT id FROM users WHERE email = ?");
89. $req->execute([$email]);
90. $user = $req->fetch();
91. if($user){
92. $errors['email'] = "Cet email est deja utilisé";
93. }
94. }
95.  
96. if(empty($password) || $password != $passwordConfirm){
97. $errors['password'] = "Vous devez renter un mot de passe";
98. }
99.  
100. if(empty($errors)){
101. $req = $pdo->prepare("INSERT INTO users SET username = ?, email = ?, password = ?, avatar = 'default.png' ");
102. $password = password_hash($_POST['passwordR'], PASSWORD_BCRYPT);
103. $token = str_random(60);
104. $req->execute([$username, $email, $password, $token]);
105. $user_id = $pdo->lastInsertId();
106. header('Location: login.php');
107. exit();
108. }
109. }
110.  
111. ?>
112. <?php include 'views/register.view.php'; ?>
113.  
114.  
115.  
116.  
117. REGISTER.VIEW.PHP
118.  
119. <?php
120.  
121. if(isset($errors) && !empty($errors)){
122. foreach($errors as $error){
123. echo $error;
124. }
125. }
126.  
127. ?>
128. <form method="POST">
129. <input type="text" name="username" class="form-control" placeholder="Pseudonyme">
130. <input type="email" name="email" class="form-control" placeholder="Adresse E-mail">
131. <input type="password" name="password" class="form-control" placeholder="Mot de passe" >
132. <input type="password" name="passwordConfirm" class="form-control" placeholder="Confirmation du mot de passe">
133. <input type="submit" class="btn btn-outline-pink" value="S'inscrire" name="submitR">
134. </form>