<?phpinclude 'inc/base.php';function captcha() { $url = 'https://www.google

1. <?php
2. include 'inc/base.php';
3.  
4. function captcha() {
5. $url = 'https://www.google.com/recaptcha/api/siteverify';
6. $privatekey = '6LdXGA8TAAAAAEItg6VkhIwYXswy3zoJYkSsa2bT';
7. $response = file_get_contents($url."?secret=".$privatekey."&response=".strip_tags($_POST['g-recaptcha-response'])."&remoteip=".$_SERVER['REMOTE_ADDR']);
8. $data = json_decode($response);
9. return isset($data->success) AND $data->success == true;
10. }
11.  
12. // LOGIN
13. if (isset($_POST['login'], $_POST['username'], $_POST['password'])) {
14. $query = $db->prepare('SELECT COUNT(*) AS nb, id, username FROM users WHERE username=? AND password=?');
15. $query->execute([
16. $_POST['username'],
17. md5($_POST['password'])
18. ]);
19. $data = $query->fetch();
20. if ($data->nb) {
21. $_SESSION['user'] = $data->username;
22. $_SESSION['user_id'] = $data->id;
23. header("location: index.php");
24. exit;
25. } else {
26. $error = "Password or username incorrect";
27. }
28. }
29.  
30. // SIGNUp
31. if (isset($_POST['signup'], $_POST['username'], $_POST['email'], $_POST['password'], $_POST['confirm'])) {
32. if (preg_match("#^[a-z0-9_-]{3,30}$#i", $_POST['username'])) {
33. if (captcha()) {
34. $query = $db->prepare("SELECT COUNT(*) AS nb FROM users WHERE username=?");
35. $query->execute([
36. $_POST['username']
37. ]);
38. $data = $query->fetch();
39.  
40. if (!$data->nb) {
41. if (filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
42. $query = $db->prepare("SELECT COUNT(*) AS nb FROM users WHERE email=?");
43. $query->execute([
44. $_POST['email']
45. ]);
46. $data = $query->fetch();
47.  
48. if (!$data->nb) {
49. if ($_POST['password'] === $_POST['confirm']) {
50. if (strlen($_POST['password']) >= 4) {
51.  
52. $query = $db->prepare("INSERT INTO users(username, email, password) VALUES(:username, :email, :password)");
53. $query->execute([
54. "username" => $_POST['username'],
55. "email" => $_POST['email'],
56. "password" => md5($_POST['password'])
57. ]);
58.  
59. $_SESSION['user'] = $_POST['username'];
60. $_SESSION['user_id'] = $db->lastInsertId();
61.  
62. header("Location: index.php");
63. exit;
64.  
65. } else {
66. $error = "The password must be at least 4 characters";
67. }
68. } else {
69. $error = "The two passwords must match";
70. }
71. } else {
72. $error = "This email is already taken";
73. }
74. } else {
75. $error = "Incorrect email format";
76. }
77. } else {
78. $error = "This username is already taken";
79. }
80. }
81. else
82. {
83. $error = "Invalid captcha";
84. }
85. }
86. else
87. {
88. $error = "The username must be within 3 and 30 characters";
89. }
90. }
91.  
92. include 'inc/header.php';
93. ?>
94. <?php
95. if (isset($error)) echo "<div class="message_erreur">$error</div>";
96. ?>
97. <section>
98. <h1 class="title">Log in</h1>
99. <form method="POST">
100. Username : <input type="text" name="username" required />
101. Password : <input type="password" name="password" required />
102. <input type="submit" name="login" value="Se connecter" required />
103. </form>
104. </section>
105.  
106. <section>
107. <h2 class="title">Sign Up</h2>
108. <form method="POST">
109. <label>Username :<br />
110. <input type="text" name="username" <?php if(isset($_POST['username'])) echo 'value="'.htmlspecialchars($_POST['username']).'"'; ?> required />
111. </label>
112. <label>Email :<br />
113. <input type="text" name="email" <?php if(isset($_POST['email'])) echo 'value="'.htmlspecialchars($_POST['email']).'"'; ?> required />
114. </label>
115. <label>Password :<br />
116. <input type="password" name="password" required />
117. </label>
118. <label>Repeat password :<br />
119. <input type="password" name="confirm" required />
120. </label>
121. <center><div class="g-recaptcha" data-sitekey="6LdXGA8TAAAAAKV0MvCvn5eT3--7v4eipyvKPD0s"></div></center><br/>
122. <input type="submit" name="signup" value="Créer un compte" />
123. </form>
124. </section>
125. <?php
126. include 'inc/footer.php';