6 years ago · 45e344b3f8
--- a/correction/TP2/authenticate.php
+++ b/correction/TP2/authenticate.php
@@ -0,0 +1,40 @@
 
				+<?php
			
 
				+session_start();
			
 
				+
			
 
				+if ( $_SERVER['REQUEST_METHOD'] != 'POST' )
			
 
				+{
			
 
				+    header('Location: signin.php');
			
 
				+    exit();
			
 
				+}
			
 
				+
			
 
				+unset($_SESSION['message']);
			
 
				+
			
 
				+// Incusion du fichiers contenant les associations user => password
			
 
				+require_once('users.php');
			
 
				+
			
 
				+if ( !isset($_POST['login'],$_POST['password']) )
			
 
				+{
			
 
				+    header('Location: signin.php');
			
 
				+    exit();
			
 
				+}
			
 
				+
			
 
				+$login = htmlspecialchars($_POST['login']);
			
 
				+$password = htmlspecialchars($_POST['password']);
			
 
				+
			
 
				+if ( !array_key_exists($login, $users) )
			
 
				+{
			
 
				+    $_SESSION['message'] = "Wrong login.";
			
 
				+    header('Location: signin.php');
			
 
				+    exit();
			
 
				+}
			
 
				+
			
 
				+if ( $users[$login] !== $password )
			
 
				+{
			
 
				+    $_SESSION['message'] = "Wrong password.";
			
 
				+    header('Location: signin.php');
			
 
				+    exit();
			
 
				+}
			
 
				+
			
 
				+$_SESSION['user'] = $login;
			
 
				+header('Location: welcome.php');
			
 
				+exit();
			
--- a/correction/TP2/signin.php
+++ b/correction/TP2/signin.php
@@ -0,0 +1,23 @@
 
				+<?php
			
 
				+	session_start();
			
 
				+?>
			
 
				+<!DOCTYPE html>
			
 
				+<html>
			
 
				+	<head>
			
 
				+		<meta charset="utf-8">
			
 
				+		<title>Signin</title>
			
 
				+	</head>
			
 
				+	<body>
			
 
				+		<h1>Signin</h1>
			
 
				+		<form action="authenticate.php" method="post">
			
 
				+			<label for="login">Login</label>       <input type="text"     id="login"    name="login"    required autofocus>
			
 
				+			<label for="password">Password</label> <input type="password" id="password" name="password" required>
			
 
				+			<input type="submit" value="Signin">
			
 
				+		</form>
			
 
				+<?php if ( isset($_SESSION['message']) && !empty($_SESSION['message']) ) { ?>
			
 
				+		<section>
			
 
				+			<p><?= $_SESSION['message']; ?></p>
			
 
				+		</section>
			
 
				+<?php } ?>
			
 
				+	</body>
			
 
				+</html>
			
--- a/correction/TP2/signout.php
+++ b/correction/TP2/signout.php
@@ -0,0 +1,4 @@
 
				+<?php
			
 
				+    session_start();
			
 
				+    unset($_SESSION['user']);
			
 
				+    header('Location: signin.php');
			
--- a/correction/TP2/users.php
+++ b/correction/TP2/users.php
@@ -0,0 +1,8 @@
 
				+<?php
			
 
				+    // Ce tableau associe un nom d'utilisateur à un mot de passe :
			
 
				+    //    user => password
			
 
				+    $users = [
			
 
				+        'adrien' => 'adrien',
			
 
				+        'gabriel' => 'gabriel',
			
 
				+		'gil' => 'gil',
			
 
				+    ];
			
--- a/correction/TP2/welcome.php
+++ b/correction/TP2/welcome.php
@@ -0,0 +1,22 @@
 
				+<?php
			
 
				+	session_start();
			
 
				+	if ( !isset($_SESSION['user']) )
			
 
				+	{
			
 
				+        header('Location: signin.php');
			
 
				+        exit();
			
 
				+	}
			
 
				+?>
			
 
				+<!DOCTYPE html>
			
 
				+<html>
			
 
				+    <head>
			
 
				+        <meta charset="utf-8">
			
 
				+        <title>My account</title>
			
 
				+    </head>
			
 
				+    <body>
			
 
				+        <p>
			
 
				+			Hello <?= $_SESSION['user']; ?> !<br>
			
 
				+			Welcome on your account.
			
 
				+		</p>
			
 
				+        <p><a href="signout.php">Sign out</a></p>
			
 
				+    </body>
			
 
				+</html>