<?php
require_once("connexionBD.php");
session_start();
if(!isset($_SESSION['mail'])){
if (isset($_POST['mail_field'])){
$mail = strtolower(htmlentities(pg_escape_string ($_POST['mail_field'])));
$password = htmlentities(pg_escape_string($_POST['password']));
$result = authentification($db, $mail, $password);
if($result) {
$_SESSION['mail'] = $mail;
header('Location: tableauBord/tableauBord.php');
exit();
}
else {
header('Location: index.php?error=1');
exit();
}
}
}
else{
header('Location: tableauBord/tableauBord.php');
exit();
}
function printError(){
if(isset($_GET['error'])){
$erreur = getError($_GET['error']);
echo "<p class = 'error'>$erreur</p>";
}
}
function getError($code){
switch ($code){
case 1:
return "Adresse mail ou mot de passe invalide.";
}
}
function authentification($db, $mail, $password){
$result = pg_query_params($db, "SELECT * FROM Utilisateur WHERE mail = $1;", array($mail));
if ($result){
$row = pg_fetch_array($result);
return (strcmp($row["passwd"], $password)) == 0;
}
return false;
}
?>
<!DOCTYPE html>
<html lang="fr">
<head>
<meta charset="UTF-8">
<link rel="stylesheet" href="index_inscription.css">
<title>Bienvenue sur Upssi'Covoit</title>
</head>
<body>
<div id="formulaire">
<h1>Bienvenue sur Upssi'Covoit</h1>
<form method="post" action="index.php">
<div class="line">
<label for="mail_field">Adresse mail : </label>
<input id="mail_field" class="form" name="mail_field" type="email" maxlength="150" required>
</div>
<div class="line">
<label for="password_field">Mot de passe : </label>
<input id="password_field" class="form" id="password" name="password" type="password" maxlength="16" required>
</div>
<?php
if(isset($_GET['error'])){
$erreur = getError($_GET['error']);
echo "<p class = 'error'>$erreur</p>";
}
?>
<input id="submit" class="button" type="submit" value="Se connecter">
</form>
<p id="enregistrer">Si vous n'avez pas de compte <a href="inscription.php" title="Créer un compte">cliquez ici</a>.</p>
</div>
</body>
</html>