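<?php
// TODO: tidy all of this up.

// Request dispatch for the login page. Every branch is limited to visitors
// who are not signed in (no "user_id" in the session). Each handler returns
// an error message string, or false on success.

// Login form submitted.
if (isset($_POST["submitted"]) && !isset($_SESSION["user_id"])) {
    $error_message = login();
}

// "Forgotten password" form submitted.
if (isset($_POST["forgotten_password"]) && !isset($_SESSION["user_id"])) {
    $error_message = recuperateAccount();
}

// Password reset link followed: the token from the URL must match a pending
// reset request before the reset form is accepted.
if (isset($_GET["reset_password"]) && isset($_GET["token"]) && !isset($_SESSION["user_id"])) {
    $token = $_GET["token"];
    $reset_data = false;

    // The token is attacker-controlled. It is bound as a statement parameter
    // instead of being concatenated into the SQL text: htmlspecialchars() is an
    // HTML output encoder, not an SQL escaper, and with the pre-8.1 default
    // flags it leaves single quotes untouched.
    // Non-string (array) and empty tokens are rejected without touching the DB.
    // NOTE(review): assumes $DB is a PDO connection (the original
    // query()->fetch() chain suggests so) - confirm.
    if (is_string($token) && $token !== "") {
        $statement = $DB->prepare("SELECT `id` FROM `users` WHERE `forgotten_password` = ?");
        $statement->execute([$token]);
        $reset_data = $statement->fetch();
    }

    // Unknown token: send the visitor back to the login page.
    if ($reset_data === FALSE) {
        header("Location: $URL_BASE/connexion");
        exit();
    }

    // resetPassword() reads $reset_data through `global`.
    if (isset($_POST["reset_password"]))
        $error_message = resetPassword();
}

// Request to resend the e-mail confirmation message.
if (isset($_GET["confirmation-mail"]) && !isset($_SESSION["user_id"])) {
    $error_message = sendConfirmEmail();
}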
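/**
 * Authenticate the visitor from the posted "email" and "password" fields.
 *
 * On success the user id is stored in the session and loadUserValues() is
 * called.
 *
 * @return string|false Error message to display (may contain HTML), or false
 *                      on success.
 */
function login() {
    global $URL_BASE;

    // Missing or non-string fields are treated as empty so they fail
    // validation instead of raising notices or type errors.
    $rawEmail = $_POST["email"] ?? "";
    $rawPassword = $_POST["password"] ?? "";

    $email = htmlspecialchars(is_string($rawEmail) ? $rawEmail : "");
    if (!filter_var($email, FILTER_VALIDATE_EMAIL))
        return "L'email entrée est invalide.";

    // NOTE(review): the password is HTML-encoded before verification, and
    // resetPassword() encodes it the same way before storing it, so the two
    // must stay in sync. htmlspecialchars() changed its default flags in
    // PHP 8.1 (single quotes are now encoded), which can lock out users whose
    // password contains "'" after an upgrade - passwords should be passed raw.
    $password = htmlspecialchars(is_string($rawPassword) ? $rawPassword : "");

    $user = User::fromEmail($email);

    // NOTE(review): distinct messages for "unknown account", "unconfirmed
    // e-mail" and "wrong password" let an unauthenticated visitor enumerate
    // registered addresses; a single generic failure message avoids that.
    if ($user === null)
        return "Le compte n'existe pas.";

    // NOTE(review): this branch runs before the password check, so anyone who
    // knows an unconfirmed address can arm the confirmation-mail resend for it.
    if ($user->getConfirmEmailToken() !== NULL) {
        $_SESSION["confirm_email"] = $email;
        return "L'adresse mail n'a pas été validée. Veuillez vérifier votre boîte mail (surtout vos spams). <a href=\"$URL_BASE/connexion/confirmation-mail\">Cliquez ici pour renvoyer le mail de confirmation</a>.";
    }

    if (!$user->checkPassword($password))
        return "Le mot de passe est incorrect.";

    // Issue a fresh session id at the privilege change so a session id known
    // before login (session fixation) is not carried into the authenticated
    // session.
    if (session_status() === PHP_SESSION_ACTIVE)
        session_regenerate_id(true);

    $_SESSION["user_id"] = $user->getId();
    loadUserValues();

    return false;
}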
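/**
 * Start the "forgotten password" procedure for the posted e-mail address:
 * store a reset token on the user and send the procedure mail.
 *
 * @return string|false Error message to display, or false on success.
 */
function recuperateAccount() {
    // A missing or non-string field is treated as empty and fails validation.
    $rawEmail = $_POST["email"] ?? "";
    $email = htmlspecialchars(is_string($rawEmail) ? $rawEmail : "");
    if (!filter_var($email, FILTER_VALIDATE_EMAIL))
        return "L'email entrée est invalide.";

    $user = User::fromEmail($email);

    // NOTE(review): this message tells an unauthenticated visitor whether an
    // address is registered; answering identically in both cases avoids
    // account enumeration.
    if ($user === null)
        return "Le compte n'existe pas.";

    // The reset token is a bearer credential for the account, so it must be
    // unguessable. uniqid() is derived from the current time and is
    // predictable; use the CSPRNG instead (64 hex characters).
    // NOTE(review): confirm the `forgotten_password` column is wide enough for
    // 64 characters. No expiry is visible here - consider storing an issue
    // time and rejecting old tokens.
    $token = bin2hex(random_bytes(32));
    $user->setForgottenPasswordToken($token);

    Mailer::sendForgottenPasswordProcedureMail($user);

    return false;
}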
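/**
 * Set a new password for the user identified by the global $reset_data row
 * (looked up from the reset token by the caller), clear the reset token and
 * send the "password changed" mail.
 *
 * @return string|false Error message to display, or false on success.
 */
function resetPassword() {
    global $reset_data;

    $id = $reset_data["id"];

    // Missing or non-string fields are treated as empty so they fail the
    // length check instead of raising notices or type errors.
    $rawPassword = $_POST["password"] ?? "";
    $rawConfirm = $_POST["confirm_password"] ?? "";
    if (!is_string($rawPassword))
        $rawPassword = "";
    if (!is_string($rawConfirm))
        $rawConfirm = "";

    // The minimum length is measured on what the user typed. Measuring the
    // HTML-encoded value let very short passwords through (two double quotes
    // encode to 12 characters).
    if (strlen($rawPassword) < 8)
        return "Le mot de passe doit comporter au moins 8 caractères.";

    // NOTE(review): the value is still HTML-encoded before storage because
    // login() encodes the submitted password the same way before checking it.
    // Passing the raw password on both sides would be the correct design.
    $password = htmlspecialchars($rawPassword);
    $confirm = htmlspecialchars($rawConfirm);

    // Strict comparison: with `!=`, numeric-looking strings such as
    // "100000000" and "1e8" compare as equal numbers.
    if ($password !== $confirm)
        return "Les deux mots de passe sont différents.";

    $user = User::fromId($id);

    // The account may have disappeared since the token lookup.
    // NOTE(review): assumes fromId() returns null when nothing matches, as
    // fromEmail() is treated elsewhere in this file - confirm.
    if ($user === null)
        return "Le compte n'existe pas.";

    // Invalidate the token first so the reset link cannot be replayed.
    $user->setForgottenPasswordToken(null);
    $user->setPassword($password);

    Mailer::sendChangePasswordMail($user);

    return false;
}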
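/**
 * Resend the e-mail confirmation message to the address remembered in the
 * session by login() ("confirm_email").
 *
 * Redirects to the login page and exits when no address is remembered or no
 * user matches it.
 *
 * @return false Always false when the function returns.
 */
function sendConfirmEmail() {
    global $URL_BASE;

    // Test the session key itself. The previous check ran isset() on the
    // result of htmlspecialchars(), which is always set, so the guard never
    // fired.
    if (!isset($_SESSION["confirm_email"]) || !is_string($_SESSION["confirm_email"])) {
        header("Location: $URL_BASE/connexion");
        exit();
    }

    $email = htmlspecialchars($_SESSION["confirm_email"]);
    $user = User::fromEmail($email);

    if ($user === null) {
        // Stale address: forget it and go back to the login page.
        unset($_SESSION["confirm_email"]);
        header("Location: $URL_BASE/connexion");
        exit();
    }

    // NOTE(review): no throttling is visible here; every request to this route
    // sends another mail to the remembered address. Consider a per-address
    // rate limit.
    Mailer::sendConfirmEmail($user);

    return false;
}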
// Render the login page view once the request handlers above have run.
// NOTE(review): the view presumably displays $error_message; some messages
// contain HTML (the resend link built in login()), so confirm the view only
// ever prints server-built strings there.
require_once " server_files/views/connexion.php " ;