<?php
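// TODO: tidy this file up.

// Request dispatch for the login page. Every branch is skipped for a visitor
// who already has a "user_id" in the session; each handler returns an error
// message string, or false on success.

if (isset($_POST["submitted"]) && !isset($_SESSION["user_id"])) {
    $error_message = login();
}

if (isset($_POST["forgotten_password"]) && !isset($_SESSION["user_id"])) {
    $error_message = recuperateAccount();
}

if (isset($_GET["reset_password"]) && isset($_GET["token"]) && !isset($_SESSION["user_id"])) {
    // The token comes straight from the URL and is untrusted. htmlspecialchars()
    // is an HTML output encoder, not an SQL escaper (and before PHP 8.1 its
    // default flags leave single quotes untouched), so the value is passed as a
    // bound parameter instead of being concatenated into the statement.
    // NOTE(review): assumes $DB is a PDO-style handle exposing prepare() — confirm.
    $reset_token = $_GET["token"];
    $reset_data = false;

    // Reject arrays (?token[]=...) and the empty string before touching the
    // database; an empty token must never match a row.
    if (is_string($reset_token) && $reset_token !== "") {
        $reset_statement = $DB->prepare("SELECT `id` FROM `users` WHERE `forgotten_password` = ?;");
        $reset_statement->execute([$reset_token]);
        $reset_data = $reset_statement->fetch();
    }

    // Unknown or malformed token: send the visitor back to the login page.
    if ($reset_data === false) {
        header("Location: $URL_BASE/connexion");
        exit();
    }

    // $reset_data is read by resetPassword() through `global`.
    if (isset($_POST["reset_password"])) {
        $error_message = resetPassword();
    }
}

if (isset($_GET["confirmation-mail"]) && !isset($_SESSION["user_id"])) {
    $error_message = sendConfirmEmail();
}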
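/**
 * Authenticates the visitor from the posted "email" and "password" fields.
 *
 * On success the user id is stored in the session and loadUserValues() is
 * called. Reads $_POST and writes $_SESSION.
 *
 * NOTE(review): the "account does not exist" and "wrong password" messages
 * differ, which lets a caller learn which addresses are registered; a single
 * generic message would avoid that. No attempt limiting is visible in this
 * function — confirm it is handled elsewhere.
 *
 * @return string|false Error message to display, or false when the login succeeded.
 */
function login() {
    global $URL_BASE;

    $raw_email = $_POST["email"] ?? null;
    $raw_password = $_POST["password"] ?? null;

    // A missing field or an array (email[]=...) is treated as an invalid
    // address instead of raising a warning or a TypeError.
    if (!is_string($raw_email)) {
        return "L'email entrée est invalide.";
    }

    $email = htmlspecialchars($raw_email);

    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        return "L'email entrée est invalide.";
    }

    // The password is HTML-escaped before verification because resetPassword()
    // stores it after the same transformation; changing only one side would
    // lock out users whose password contains &, <, > or quotes.
    // A non-string password is treated as empty and fails checkPassword().
    $password = is_string($raw_password) ? htmlspecialchars($raw_password) : "";

    $user = User::fromEmail($email);
    if ($user === null) {
        return "Le compte n'existe pas.";
    }

    // A pending confirmation token means the address was never validated.
    // The address is remembered so sendConfirmEmail() can resend the mail.
    if ($user->getConfirmEmailToken() !== NULL) {
        $_SESSION["confirm_email"] = $email;
        return "L'adresse mail n'a pas été validée. Veuillez vérifier votre boîte mail (surtout vos spams). <a href=\"$URL_BASE/connexion/confirmation-mail\">Cliquez ici pour renvoyer le mail de confirmation</a>.";
    }

    if (!$user->checkPassword($password)) {
        return "Le mot de passe est incorrect.";
    }

    // Issue a fresh session id at the privilege change so an id fixed before
    // authentication cannot be reused afterwards (session fixation).
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }

    $_SESSION["user_id"] = $user->getId();
    loadUserValues();

    return false;
}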
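/**
 * Starts the forgotten-password procedure for the posted "email" address:
 * stores a reset token on the account and mails the procedure to the user.
 *
 * NOTE(review): the "account does not exist" message reveals whether an
 * address is registered; answering identically in both cases would avoid that.
 * No expiry is attached to the token in this function — confirm whether one is
 * enforced elsewhere.
 *
 * @return string|false Error message to display, or false when the mail was requested.
 */
function recuperateAccount() {
    $raw_email = $_POST["email"] ?? null;

    // A missing field or an array (email[]=...) is treated as an invalid
    // address instead of raising a warning or a TypeError.
    if (!is_string($raw_email)) {
        return "L'email entrée est invalide.";
    }

    $email = htmlspecialchars($raw_email);

    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        return "L'email entrée est invalide.";
    }

    $user = User::fromEmail($email);
    if ($user === null) {
        return "Le compte n'existe pas.";
    }

    // The token is the only secret guarding the password reset, so it must be
    // unguessable. uniqid() is derived from the current time and is not a
    // secret; use the CSPRNG instead (32 hex characters).
    // NOTE(review): confirm the `forgotten_password` column can hold 32 characters.
    $token = bin2hex(random_bytes(16));

    $user->setForgottenPasswordToken($token);

    Mailer::sendForgottenPasswordProcedureMail($user);

    return false;
}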
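/**
 * Sets a new password for the account identified by the global $reset_data
 * row, clears its forgotten-password token and mails a change notification.
 *
 * Reads the posted "password" and "confirm_password" fields.
 *
 * @return string|false Error message to display, or false when the password was changed.
 */
function resetPassword() {
    global $reset_data;

    $raw_password = $_POST["password"] ?? null;
    $raw_confirm = $_POST["confirm_password"] ?? null;

    // Missing or array-valued fields are treated as empty strings so they fail
    // the checks below instead of raising a TypeError.
    // The HTML escaping is kept because login() applies the same transformation
    // before checkPassword(); dropping it here alone would lock users out.
    $password = is_string($raw_password) ? htmlspecialchars($raw_password) : "";
    $confirm = is_string($raw_confirm) ? htmlspecialchars($raw_confirm) : "";

    if (strlen($password) < 8) {
        return "Le mot de passe doit comporter au moins 8 caractères.";
    }

    // Strict comparison: with `!=`, two different numeric-looking strings such
    // as "00000001" and "1.000000" compare equal and the mismatch goes unnoticed.
    if ($password !== $confirm) {
        return "Les deux mots de passe sont différents.";
    }

    $id = $reset_data["id"];

    $user = User::fromId($id);
    // Invalidate the token first so the reset link cannot be used again.
    $user->setForgottenPasswordToken(null);
    $user->setPassword($password);

    Mailer::sendChangePasswordMail($user);

    return false;
}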
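/**
 * Resends the confirmation mail to the address remembered in the session
 * under "confirm_email" (set by login() for an unconfirmed account).
 *
 * Redirects to the login page and stops the script when no address is
 * remembered or when no account matches it.
 *
 * @return false Always false when the mail was requested.
 */
function sendConfirmEmail() {
    global $URL_BASE;

    // Check the session value itself. Testing isset() on the result of
    // htmlspecialchars() is always true, so the original guard never fired.
    $stored_email = $_SESSION["confirm_email"] ?? null;

    if (!is_string($stored_email)) {
        header("Location: $URL_BASE/connexion");
        exit();
    }

    $email = htmlspecialchars($stored_email);

    $user = User::fromEmail($email);

    if ($user === null) {
        // Stale address: forget it so the next request takes the redirect above.
        unset($_SESSION["confirm_email"]);
        header("Location: $URL_BASE/connexion");
        exit();
    }

    Mailer::sendConfirmEmail($user);

    return false;
}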
// Include the connexion view once the request handling above has run.
require_once 'server_files/views/connexion.php';