ajout tp3

Tp3/adduser.php

@@ -17,7 +17,7 @@
         header('Location: signup.php');
         exit();
     }
-    if (empty($_POST['login'] && empty($_POST['passwd'] && empty($_POST['passwdconf']) {
+    if (empty($_POST['login']) || empty($_POST['passwd']) || empty($_POST['passwdconf'])) {
         header('Location: signup.php');
         exit();
     }
@@ -33,7 +33,7 @@
     
     $req = $pdo->prepare('INSERT INTO Users (login, passwd) VALUES (:login, :passwd)');
     $req->bindValue(':login', $login, PDO::PARAM_STR);
-    $req->bindValue(':passwd', $passwd, PDO::PARAM_STR);
+    $req->bindValue(':passwd', password_hash($passwd, PASSWORD_DEFAULT), PDO::PARAM_STR);
     if ($req->execute()) {
         header('Location: signin.php');
     } else {

Tp3/authenticate.php

@@ -24,7 +24,7 @@
             exit();
         }
         foreach ($req as $row) {
-            if ($row['passwd'] != $login) {
+            if (!password_verify($passwd, $row['passwd'])) {
                 header('Location: signin.php');
                 $_SESSION['message'] = 'Bad password';
                 exit();