<?php
require("connectionBD.php");
$db = connexionBD();
init();
function authentification($db, $mail, $password){
$result = pg_query_params($db, "SELECT * FROM Utilisateur WHERE mail = $1;", array($mail));
if ($result){
$row = pg_fetch_array($result);
return (!strcmp($row["passwd"], $password));
}
return false;
}
function init(){
session_start();
if(!isset($_SESSION['mail'])){
if (isset($_POST['mail_field'])){
$mail = htmlentities(pg_escape_string ($_POST['mail_field']));
$password = htmlentities(pg_escape_string($_POST['password']));
$result = authentification($db, $mail, $password);
if($result) {
$_SESSION['mail'] = $mail;
header('Location: tableauBord/tableauBord.php');
}
else {
header('Location: index.php?error=Adresse mail ou mot de passe invalide.');
}
}
}
else{
header('Location: tableauBord/tableauBord.php');
}
}
?>
<!DOCTYPE html>
<html lang="fr">
<head>
<meta charset="UTF-8">
<link rel="stylesheet" href="index_inscription.css">
<title>Bienvenue sur Upssi'Covoit</title>
</head>
<body>
<div id="formulaireMail">
<h1>Bienvenue sur Upssi'Covoit</h1>
<form method="post" action="index.php">
<div class="line">
<label for="mail_field">Adresse mail : </label>
<input id="mail_field" class="form" name="mail_field" type="email" maxlength="150" required>
</div>
<div class="line">
<label for="password_field">Mot de passe : </label>
<input id="password_field" class="form" id="password" name="password" type="password" maxlength="16" required>
</div>
<?php
if(isset($_GET['error'])){
$erreur = $_GET['error'];
echo "<p class = 'error'>$erreur</p>";
}
?>
<input id="submit" class="button" type="submit" value="Se connecter">
</form>
<p id="enregistrer">Si vous n'avez pas de compte <a href="inscription.php" title="Créer un compte">cliquez ici</a>.</p>
</div>
</body>
</html>