diff --git a/WEB/inscription.php b/WEB/inscription.php
index 2bdf50f..ed7bc3d 100644
--- a/WEB/inscription.php
+++ b/WEB/inscription.php
@@ -1,45 +1,62 @@ 0) {
- echo "
PHP a ignoré les données POST à cause d'une requête dépassant post_max_size (" . ini_get('post_max_size') . ").
";
- exit();
- }
- if (isset($_POST['mail_field'])) {
- $login = htmlentities(pg_escape_string($_POST['login_field']));
- $password = htmlentities(pg_escape_string($_POST['password']));
- $prenom = htmlentities(pg_escape_string($_POST['prenom']));
- $nom = htmlentities(pg_escape_string($_POST['nom']));
- $dateN = htmlentities(pg_escape_string($_POST['dateN']));
- $mail = strtolower(htmlentities(pg_escape_string($_POST['mail_field'])));
- $phone = htmlentities(pg_escape_string($_POST['phone']));
+ if (isset($_POST['login']) || isset($_FILES['avatar'])) {
+ if (isset($_POST['login']) && isset($_POST['password']) && isset($_POST['confirmation']) && isset($_POST['prenom']) && isset($_POST['nom']) && isset($_POST['phone'])) {
+ $login = htmlentities(pg_escape_string($_POST['login']));
+ $password = htmlentities(pg_escape_string($_POST['password']));
+ $prenom = htmlentities(pg_escape_string($_POST['prenom']));
+ $nom = htmlentities(pg_escape_string($_POST['nom']));
+ $dateN = htmlentities(pg_escape_string($_POST['dateN']));
+ $mail = strtolower(htmlentities(pg_escape_string($_POST['mail'])));
+ $phone = htmlentities(pg_escape_string($_POST['phone']));
- if (!filter_var($mail, FILTER_VALIDATE_EMAIL)) {
- header('Location: inscription.php?error=1');
- exit();
- } elseif (!isMailUnique($db, $mail)) {
- header('Location: inscription.php?error=2');
- exit();
- } elseif (!isLoginUnique($db, $login)) {
- header('Location: inscription.php?error=3');
- exit();
- } else {
- uploadAvatar($mail);
- $result = creerUtilisateur($db, $mail, $password, $prenom, $nom, $login, $phone, $dateN);
- if ($result) {
- header('Location: index.php');
+ if (!filter_var($mail, FILTER_VALIDATE_EMAIL)) {
+ header('Location: inscription.php?error=1');
+ exit();
+ } elseif (!isMailUnique($db, $mail)) {
+ header('Location: inscription.php?error=2');
+ exit();
+ } elseif (!isLoginUnique($db, $login)) {
+ header('Location: inscription.php?error=3');
+ exit();
 } else {
- header('Location: 
inscription.php?error=6');
+ if (isset($_FILES['avatar']) and !empty($_FILES['avatar']['name'])) {
+ $fic = $_FILES['avatar'];
+ $res = uploadAvatar($mail, $fic);
+ switch ($res){
+ case -1:
+ header('Location: inscription.php?error=4');
+ exit();
+ case -2:
+ header('Location: inscription.php?error=5');
+ exit();
+ case -3:
+ header('Location: inscription.php?error=6');
+ exit();
+ }
+ }
+ $result = creerUtilisateur($db, $mail, $password, $prenom, $nom, $login, $phone, $dateN);
+ if ($result) {
+ header('Location: index.php');
+ exit();
+ } else {
+ header('Location: inscription.php?error=6');
+ exit();
+ }
 }
- }
+ }
 }
-} else {
+}
+else {
 header('Location: tableauBord/tableauBord.php');
+ exit();
 }
 function printError()
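Review bot: The new field guard requires `$_POST['confirmation']` to be set, but nothing in this hunk compares it with `$_POST['password']`, so a mismatched confirmation still reaches `creerUtilisateur()`; add a check such as `if ($_POST['password'] !== $_POST['confirmation']) { /* redirect with its own error code */ exit(); }` before the e-mail validation. The same guard omits `mail` and `dateN`, which are both read a few lines later, so they belong in the `isset(...)` list to avoid undefined-index reads. `$password` is also passed through `pg_escape_string()` and `htmlentities()`; if the relocated `creerUtilisateur()` still uses `pg_query_params()` as the removed version did, that escaping only alters the secret, and whether it is hashed with `password_hash()` before storage is not visible in this diff and should be confirmed. The opening of the enclosing `if` block is missing from the visible hunk text.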
@@ -69,51 +86,6 @@ function getError($code)
 }
 }
-function isMailUnique($db, $mail)
-{
- $result = pg_query_params($db, "SELECT * FROM Utilisateur WHERE mail = $1;", array($mail));
- if ($result) {
- $row = pg_fetch_array($result);
- return (strcmp($row['mail'], $mail) != 0);
- }
- return false;
-}
-
-function isLoginUnique($db, $login)
-{
- $result = pg_query_params($db, "SELECT * FROM Utilisateur WHERE login = $1;", array($login));
- if ($result) {
- $row = pg_fetch_array($result);
- return (strcmp($row['login'], $login) != 0);
- }
- return false;
-}
-
-function creerUtilisateur($db, $mail, $password, $prenom, $nom, $login, $phone, $dateN)
-{
- $result = pg_query_params($db, "INSERT INTO Utilisateur VALUES ($1, $2, $3, $4, $5, $6, to_date($7, 'YYYY/MM/DD'), false);", array($mail, $password, $prenom, $nom, $login, $phone, $dateN));
- return $result;
-}
-
-function uploadAvatar($mail)
-{
- if (isset($_FILES['avatar']) and $_FILES['avatar']['name'] != "") {
- $target_file = "imageProfil/$mail.png";
- $file_tmp = $_FILES['avatar']['tmp_name'];
- $extension = end(explode('.', $_FILES['avatar']['name']));
- $check = getimagesize($file_tmp);
- if ($check === false or !in_array($extension, array('png'))) {
- header('Location: inscription.php?error=4');
- exit();
- } else if ($_FILES['avatar']['size'] > 2 * 1024 * 1024) {
- header('Location: inscription.php?error=5');
- exit();
- } else {
- move_uploaded_file($file_tmp, $target_file);
- }
- }
-}
-
 ?>
@@ -121,19 +93,18 @@ function uploadAvatar($mail)