Authentification du visiteure

acisse163 Messages postés 21 Date d'inscription   Statut Membre Dernière intervention   -  
yg_be Messages postés 23437 Date d'inscription   Statut Contributeur Dernière intervention   -
Bonjour, je suis debutant et je besoin d'aide s'il vous plait
je insere les donner dans la table membre et j'essaye de me connecter a ce table eureur d'itentification voici le code en question

if (isset($_POST['submit'])) {

$username = htmlspecialchars($_POST['username']);
$password = htmlspecialchars(md5($_POST['password']));

$stmt_login = $connect->prepare("SELECT * FROM administrator WHERE username=:username and password=:password");
$stmt_login->bindParam (':username' , $username , PDO::PARAM_STR );
$stmt_login->bindParam (':password' , $password , PDO::PARAM_STR );
$stmt_login->execute();

if ($stmt_login->rowCount() == 1) {

$row = $stmt_login->fetch() ;
$user = $row ['username'];
$pass = $row ['password'];
$admin_index = $row ['admin_index'];

if ($username == $user and $password == $user ) {

$_SESSION ['username'] = $user;
$_SESSION ['admin_index'] = $admin_index;

$token_rand = md5(uniqid(rand()));
$_SESSION ['token'] = $token_rand;

header ("location: index.php");
echo "<meta http-equiv='refresh' content='0; url = index.php' />";

}

}

else {
header ("location: login.php?login=error");
echo "<meta http-equiv='refresh' content='0; url = login.php?login=error' />";
}

}

?>

4 réponses

  1. jordane45 Messages postés 30426 Date d'inscription   Statut Modérateur Dernière intervention   4 830
     
    Bonjour,

    1 - Merci d'utiliser les balises de code pour poster du code sur le forum

    2 - Commence par modifier ton code pour ne plus utiliser de rowCount
    Regarde ce qui est dit ici https://www.php.net/manual/fr/pdostatement.rowcount.php
    ce comportement n'est pas garanti pour toutes les bases de données


    3 - Active la gestion des erreurs pdo : https://forums.commentcamarche.net/forum/affich-37584941-php-pdo-gerer-les-erreurs

    0
  2. acisse163 Messages postés 21 Date d'inscription   Statut Membre Dernière intervention  
     
    s'il vou plait on ma afficher sa aussi je comprend pas

    Erreur ! SQLSTATE[42000]: Syntax error or access violation: 1065 Query was empty Les stmt_login : Array ( [:username] => cisselinsan [:password] => 25d55ad283aa400af464c76d713c07ad )
    0
    1. jordane45 Messages postés 30426 Date d'inscription   Statut Modérateur Dernière intervention   4 830
       
      Montre ton code modifie
      0
  3. yg_be Messages postés 23437 Date d'inscription   Statut Contributeur Dernière intervention   Ambassadeur 1 588
     
    bonsoir, pourquoi fais-tu ceci?
    $token_rand = md5(uniqid(rand())); 
    $_SESSION ['token'] = $token_rand; 

    Je pense que c'est inutile. Si tu crois que c'est utile, je pense que tu dois faire autre chose.
    0
    1. acisse163
       
      ?
      0
  4. acisse163
     
    <link rel="stylesheet" type="text/css" href="../css/style.css">
    <?php

    session_start();

    if (isset($_SESSION ['administrator'])) {
    header("location: login.php") ;
    }

    require_once '../includes/database_config.php';
    include '../includes/display_errors.php';
    include '../includes/make_lang.php';

    ?>

    <!DOCTYPE html>
    <html>
    <head>
    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <meta name="description" content="">
    <meta name="author" content="">
    <link rel="icon" href="../css/logo2.jpg" />

    <title><?php echo $lang ['
    ']; ?></title>

    <!-- Bootstrap core CSS -->
    <link href="../css/bootstrap.min.css" rel="stylesheet">
    <!-- Bootstrap theme -->
    <link href="../css/bootstrap-theme.min.css" rel="stylesheet">
    <!-- IE10 viewport hack for Surface/desktop Windows 8 bug -->
    <link href="../css/ie10-viewport-bug-workaround.css" rel="stylesheet">

    <!-- Just for debugging purposes. Don't actually copy these 2 lines! -->
    <!--[if lt IE 9]><script src=""quot;../js/ie8-responsive-file-warning.js"></script><![endif]-->
    <script src=""quot;../js/ie-emulation-modes-warning.js"></script>

    <!-- HTML5 shim and Respond.js for IE8 support of HTML5 elements and media queries -->
    <!--[if lt IE 9]>
    <script src=""quot;https://oss.maxcdn.com/html5shiv/3.7.2/html5shiv.min.js"></script>
    <script src=""quot;https://oss.maxcdn.com/respond/1.4.2/respond.min.js"></script>
    <![endif]-->

    <link rel="stylesheet" href="../css/style.css" rel="stylesheet">
    <link rel="stylesheet" href="../css/Normalize.css" rel="stylesheet">

    <?php
    if (isset($_SESSION['arabic'])) {
    echo '<link rel="stylesheet" href="../css/rtl_fix.css" rel="stylesheet">
    <link href="../css/bootstrap-rtl.min.css" rel="stylesheet">
    <link rel="stylesheet" href="../fonts/ar/droid.css">';
    }

    if (isset($_SESSION['francais']) OR isset($_SESSION['english'])) {
    echo '<link rel="stylesheet" href="../fonts/fr/fonts_css.css">';
    }

    ?>

    <script src=""quot;../js/jquery-1.11.3.min.js"></script>

    <link rel="stylesheet" href="../libs/validationEngine/validationEngine.jquery.css" type="text/css"/>
    <?php
    if (isset($_SESSION['arabic'])) {
    echo '<script src=""quot;../libs/validationEngine/languages/jquery.validationEngine-ar.js" type="text/javascript" charset="utf-8"></script>';
    }
    if (isset($_SESSION['francais'])) {
    echo '<script src=""quot;../libs/validationEngine/languages/jquery.validationEngine-fr.js" type="text/javascript" charset="utf-8"></script>';
    }

    if (isset($_SESSION['english'])) {
    echo '<script src=""quot;../libs/validationEngine/languages/jquery.validationEngine-en.js" type="text/javascript" charset="utf-8"></script>';
    }
    ?>
    <script src=""quot;../libs/validationEngine/jquery.validationEngine.js" type="text/javascript" charset="utf-8">
    </script>
    <script>
    jQuery(document).ready(function(){
    // binds form submission and fields to the validation engine
    jQuery("#login").validationEngine();
    });

    </script>

    </head>

    <body>

    <div class="navbar navbar-default">
    <div class="container">
    <form id="language" action="" method="post">
    <input type="submit" name="fr" class="francais" value="francais" />
    <input type="submit" name="ar" class="arabic" value="arabic" />
    <input type="submit" name="en" class="english" value="english" />
    </form>
    </div>
    </div>

    <div class="container main">

    <div class="clear"></div> <br>

    <?php
    /*
    $user = "cisse163";
    $pass= "123456";
    • /

    if (isset($_POST['submit'])) {

    $username = htmlspecialchars($_POST['username']);
    $password = htmlspecialchars(md5($_POST['password']));

    $stmt_login = $connect->prepare("SELECT * FROM administrator WHERE username=:username and password=:password");
    $stmt_login->bindParam (':username' , $username , PDO::PARAM_STR );
    $stmt_login->bindParam (':password' , $password , PDO::PARAM_STR );
    $stmt_login->execute();

    $stmt_login = array(':username'=>$username, ':password'=>$password);

    //Execution de la requete
    try{
    $requete = $connect -> prepare($sql) ;
    $requete->execute($stmt_login) ;
    }catch(Exception $e){
    // en cas d'erreur :
    echo " Erreur ! ".$e->getMessage();
    echo " Les stmt_login : " ;
    print_r($stmt_login);
    }

    if ($stmt_login->rowCount() == 1) {

    $row = $stmt_login->fetch() ;
    $user = $row ['username'];
    $pass = $row ['password'];
    $admin_index = $row ['admin_index'];

    if ($username == $user and $password == $user ) {

    $_SESSION ['username'] = $user;
    $_SESSION ['admin_index'] = $admin_index;

    $token_rand = md5(uniqid(rand()));
    $_SESSION ['token'] = $token_rand;

    header ("location: index.php");
    echo "<meta http-equiv='refresh' content='0; url = index.php' />";

    }

    }

    else {
    header ("location: login.php?login=error");
    echo "<meta http-equiv='refresh' content='0; url = login.php?login=error' />";
    }

    }

    ?>

    <div class="clear"></div> <br>

    <div class="col-md-6 col-md-offset-3">
    <div class="login">
    <h1><?php echo $lang ['log_in']; ?></h1>

    <?php

    if (isset($_GET['login']) == "error") {
    echo "<div class='alert alert-danger center'><p>".$lang ['username_or_password_error']."</p></div>";
    }

    ?>

    <div class="clear"></div>

    <form id="login" action="login.php" method="post">
    <input type="text" class="validate[required]" name="username" placeholder="<?php echo $lang ['username']; ?> .." />
    <input type="password" class="validate[required]" name="password" placeholder="<?php echo $lang ['password']; ?>" />
    <input type="submit" name="submit" value="<?php echo $lang ['login']; ?>" /><br/><br/><br/>

    <a href="PasswordReset.php" rel="nofollow noopener noreferrer" target="_blank" style="color: #c66;"><?php echo $lang ['lost_password']; ?></a>
    </form>
    <a href="form.php" rel="nofollow noopener noreferrer" target="_blank">Inscription</a>
    </div>

    </div>

    <div class="clear"></div> <br><br>

    </div>

    <!-- Bootstrap core JavaScript
    ================================================== -->
    <!-- Placed at the end of the document so the pages load faster -->
    <script src=""quot;../js/bootstrap.min.js"></script>
    <script src=""quot;../js/docs.min.js"></script>
    <!-- IE10 viewport hack for Surface/desktop Windows 8 bug -->
    <script src=""quot;../js/ie10-viewport-bug-workaround.js"></script>

    </body>
    </html>
    0
    1. jordane45 Messages postés 30426 Date d'inscription   Statut Modérateur Dernière intervention   4 830
       
      Et les balises de code.... tu les mets quand tu veux hein....
      Merci.
      0
    2. yg_be Messages postés 23437 Date d'inscription   Statut Contributeur Dernière intervention   1 588
       
      Je te suggère de supprimer la ligne
      $stmt_login = array(':username'=>$username, ':password'=>$password); 
      0