PROJET-WEB_STRI1A/WEB/index.php

<?php

require("connectionBD.php");
$db = connexionBD();
init();

function printError(){
    if(isset($_GET['error'])){
        $erreur = getError($_GET['error']);
        echo "<p class = 'error'>$erreur</p>";
    }
}

function getError($code){
    switch ($code){
        case 1:
            return "Adresse mail ou mot de passe invalide.";
    }
}

function authentification($mail, $password){
    global $db;
    $result = pg_query_params($db, "SELECT * FROM Utilisateur WHERE mail = $1;", array($mail));
    if ($result){
        $row = pg_fetch_array($result);
        return (strcmp($row["passwd"], $password)) == 0;
    }
    return false;
}

function init(){
    global $db;
    session_start();

    /*if(isset($_COOKIE['mail']) && isset($_COOKIE['password'])){
        if (authentification($_COOKIE['mail'], $_COOKIE['mail'])){
            $_SESSION['mail'] = $_COOKIE['mail'];
        }
    }*/
    if(!isset($_SESSION['mail'])){
        if (isset($_POST['mail_field'])){

            $mail = strtolower(htmlentities(pg_escape_string ($_POST['mail_field'])));
            $password = htmlentities(pg_escape_string($_POST['password']));
            $result = authentification($mail, $password);
            if($result) {
                $_SESSION['mail'] = $mail;
                header('Location: tableauBord/tableauBord.php');
                exit();
            }
            else {
                header('Location: index.php?error=1');
                exit();
            }
        }
    }
    else{
        header('Location: tableauBord/tableauBord.php');
        exit();
    }
}

?>
<!DOCTYPE html>
<html lang="fr">
<head>
    <meta charset="UTF-8">
    <link rel="stylesheet" href="index_inscription.css">
    <title>Bienvenue sur Upssi'Covoit</title>
</head>
<body>
<div id="formulaire">
    <h1>Bienvenue sur Upssi'Covoit</h1>
    <form method="post" action="index.php">
        <div class="line">
            <label for="mail_field">Adresse mail : </label>
            <input id="mail_field" class="form" name="mail_field" type="email" maxlength="150" required>
        </div>
        <div class="line">
            <label for="password_field">Mot de passe : </label>
            <input id="password_field" class="form" id="password" name="password" type="password" maxlength="16" required>
        </div>
        <?php
            if(isset($_GET['error'])){
                $erreur = getError($_GET['error']);
                echo "<p class = 'error'>$erreur</p>";
            }
        ?>
        <input id="submit" class="button" type="submit" value="Se connecter">
    </form>
    <p id="enregistrer">Si vous n'avez pas de compte <a href="inscription.php" title="Créer un compte">cliquez ici</a>.</p>
</div>
</body>
</html>