<?php
// Start (or resume) the session first: every handler below reads or writes $_SESSION.
session_start();
// auth() and get_db() are called below but are not defined in this file;
// presumably these two includes provide them (confirm in tools/).
include("tools/auth.php");
include('tools/get_db.php');
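/**
 * Change the password of the account bound to the current session.
 *
 * Reads 'oldpwd', 'newpwd1' and 'newpwd2' from $data. Every path ends with a
 * redirect followed by exit(); the outcome is reported through $_SESSION flags.
 *
 * @param array $data Submitted form fields (the dispatcher passes $_POST).
 */
function passwd_update(array $data) {
    // Only an authenticated session may change a password. Without this guard a
    // missing $_SESSION['mail'] makes the record lookup fail, and a false key
    // used as an array offset is coerced to 0, i.e. the first stored account.
    if (empty($_SESSION['mail']) || !is_string($_SESSION['mail']))
    {
        header('Location: login.php');
        exit();
    }

    $path = "private";
    $file = $path."/passwd";
    $db = get_db($path, $file);
    if (!is_array($db))
        $db = array();

    // Form fields may be absent or arrays (oldpwd[]=x); anything that is not a
    // string is treated as empty so it can never reach hash().
    $fields = array();
    foreach (array('oldpwd', 'newpwd1', 'newpwd2') as $name)
        $fields[$name] = (isset($data[$name]) && is_string($data[$name])) ? $data[$name] : "";

    // Initialised up front: the original left $error undefined when no field was empty.
    $error = array();
    foreach ($fields as $name => $value)
    {
        if ($value === "")
            $error[] = $name;
    }
    if ($error)
    {
        $_SESSION['flag_empty_fields'] = "ON";
        header('Location: modif_pwd.php?'.implode('&', $error));
        exit();
    }

    // Find the record by walking $db itself with a strict comparison, so the key
    // is a real key of $db (array_column() renumbers) and "not found" stays distinct from 0.
    $key = false;
    foreach ($db as $index => $user)
    {
        if (is_array($user) && isset($user['mail']) && $user['mail'] === $_SESSION['mail'])
        {
            $key = $index;
            break;
        }
    }
    if ($key === false)
    {
        header('Location: login.php');
        exit();
    }

    // NOTE(review): whirlpool is a fast, unsalted digest. password_hash() /
    // password_verify() is the right primitive for stored passwords, but the
    // format is shared with auth() (not visible here), so both sides have to be
    // migrated together.
    $stored = (isset($db[$key]['passwd']) && is_string($db[$key]['passwd'])) ? $db[$key]['passwd'] : "";
    // hash_equals() compares in constant time and never applies the numeric-string
    // juggling that != applies to two hex digests.
    if (!hash_equals($stored, hash('whirlpool', $fields['oldpwd'])))
    {
        $_SESSION['flag_bad_passwd'] = "ON";
        // No field names to report here, so no query string is appended.
        header('Location: modif_pwd.php');
        exit();
    }
    // Strict comparison: with != two different numeric strings such as "1e3" and "1000" compare equal.
    if ($fields['newpwd1'] !== $fields['newpwd2'])
    {
        $_SESSION['flag_cmp_passwd'] = "KO";
        header('Location: modif_pwd.php');
        exit();
    }

    $db[$key]['passwd'] = hash('whirlpool', $fields['newpwd1']);
    // LOCK_EX keeps two concurrent writers from interleaving their output. The
    // read in get_db() is outside this lock, so a lost update is still possible.
    if (file_put_contents($file, serialize($db), LOCK_EX) === false)
    {
        // Do not report success when nothing was stored.
        error_log('passwd_update: could not write the user store');
        header('Location: modif_pwd.php');
        exit();
    }
    $_SESSION['flag_password_updated'] = "OK";
    header('Location: index.php');
    exit();
}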
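/**
 * Update first name, last name and e-mail of the account bound to the session.
 *
 * Reads 'prenom', 'nom' and 'mail' from $data, rewrites the stored record and
 * mirrors the new values into the session. Every path ends with a redirect
 * followed by exit().
 *
 * @param array $data Submitted form fields (the dispatcher passes $_POST).
 */
function profil_update(array $data) {
    // This handler is reachable through the POST dispatcher, so it must check
    // for itself that a user is logged in. Without the guard the lookup below
    // returns false for an anonymous session and $db[false] is coerced to
    // $db[0]: the first stored account would be overwritten.
    if (empty($_SESSION['mail']) || !is_string($_SESSION['mail']))
    {
        header('Location: login.php');
        exit();
    }

    $path = "private";
    $file = $path."/passwd";
    $db = get_db($path, $file);
    if (!is_array($db))
        $db = array();

    // Absent or non-string fields (mail[]=x) are treated as empty.
    $fields = array();
    foreach (array('prenom', 'nom', 'mail') as $name)
        $fields[$name] = (isset($data[$name]) && is_string($data[$name])) ? $data[$name] : "";

    // Same empty-field convention as register(): an empty mail would otherwise
    // be stored and leave the account without a usable login name.
    $error = array();
    foreach ($fields as $name => $value)
    {
        if ($value === "")
            $error[] = $name;
    }
    if ($error)
    {
        $_SESSION['flag_empty_fields'] = "ON";
        header('Location: modif_profil.php?'.implode('&', $error));
        exit();
    }

    // One strict pass over $db: find the caller's own record and check whether
    // any other record already uses the requested address.
    $key = false;
    $taken = false;
    foreach ($db as $index => $user)
    {
        if (!is_array($user) || !isset($user['mail']))
            continue;
        if ($user['mail'] === $_SESSION['mail'])
        {
            if ($key === false)
                $key = $index;
        }
        elseif ($user['mail'] === $fields['mail'])
            $taken = true;
    }
    if ($key === false)
    {
        // The session names an account that is no longer in the store.
        header('Location: login.php');
        exit();
    }
    if ($taken)
    {
        $_SESSION['mail_already_registered'] = "ON";
        header('Location: modif_profil.php');
        exit();
    }

    // NOTE(review): the values are stored exactly as submitted. Every page that
    // prints them has to escape for its output context (htmlspecialchars() for
    // HTML); the rendering code is not visible here.
    $db[$key]['prenom'] = $fields['prenom'];
    $db[$key]['nom'] = $fields['nom'];
    $db[$key]['mail'] = $fields['mail'];
    // LOCK_EX keeps concurrent writers from interleaving their output.
    if (file_put_contents($file, serialize($db), LOCK_EX) === false)
    {
        // Keep the session in step with the store: nothing was saved, so nothing changes.
        error_log('profil_update: could not write the user store');
        header('Location: modif_profil.php');
        exit();
    }
    $_SESSION['logged_on_user'] = $fields['prenom'];
    $_SESSION['nom'] = $fields['nom'];
    $_SESSION['mail'] = $fields['mail'];
    $_SESSION['flag_profil_updated'] = "OK";
    header('Location: index.php');
    exit();
}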
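/**
 * Authenticate a user from the submitted 'mail' and 'passwd' fields.
 *
 * On success the user's first name, last name and mail are stored in the
 * session; on failure a flag is set and the login form is shown again. Every
 * path ends with a redirect followed by exit().
 *
 * @param array $data Submitted form fields (the dispatcher passes $_POST).
 */
function login(array $data) {
    $path = "private";
    $file = $path."/passwd";
    $db = get_db($path, $file);

    // Absent or non-string fields (passwd[]=x) are treated as empty so that
    // auth() only ever receives strings.
    $mail = (isset($data['mail']) && is_string($data['mail'])) ? $data['mail'] : "";
    $passwd = (isset($data['passwd']) && is_string($data['passwd'])) ? $data['passwd'] : "";

    // Initialised up front: the original left $error undefined when both fields were filled.
    $error = array();
    if ($mail === "")
        $error[] = 'mail';
    if ($passwd === "")
        $error[] = 'passwd';
    if ($error)
    {
        $_SESSION['flag_empty_fields'] = "ON";
        header('Location: login.php?'.implode('&', $error));
        exit();
    }

    // auth() is defined outside this file; it is expected to return the user
    // record on success and a falsy value otherwise.
    $user = auth($db, $mail, $passwd);
    if ($user)
    {
        // Issue a fresh session id at the privilege change so that an id known
        // before the login (session fixation) is worthless afterwards.
        session_regenerate_id(true);
        $_SESSION['logged_on_user'] = $user['prenom'];
        $_SESSION['nom'] = $user['nom'];
        $_SESSION['mail'] = $user['mail'];
        $_SESSION['flag_log'] = "OK";
        header('Location: index.php');
        exit();
    }

    // NOTE(review): nothing visible here limits repeated failed attempts;
    // confirm whether throttling exists elsewhere.
    $_SESSION['flag_bad_passwd'] = "ON";
    $_SESSION['logged_on_user'] = "";
    header('Location: login.php?passwd');
    exit();
}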
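/**
 * Append a new account to the user store and log the new user in.
 *
 * Reads 'nom', 'prenom', 'mail' and 'passwd1' from $data; register() validates
 * them before calling this function. Every path ends with a redirect followed
 * by exit().
 *
 * @param array $data Submitted form fields.
 */
function create_user(array $data) {
    // NOTE(review): "private/passwd" is a relative path. Confirm that the
    // private/ directory is not served by the web server, otherwise the
    // serialized records, password digests included, can be downloaded.
    $path = "private";
    $file = $path."/passwd";
    $db = get_db($path, $file);
    // The original tested "$db &&", so get_db() can apparently return a falsy
    // value when there is no store yet; start from an empty list in that case.
    if (!is_array($db))
        $db = array();

    // Non-string values are replaced by "" so that hash() is never given an array.
    $new_user = array();
    foreach (array('nom', 'prenom', 'mail') as $name)
        $new_user[$name] = (isset($data[$name]) && is_string($data[$name])) ? $data[$name] : "";
    $passwd = (isset($data['passwd1']) && is_string($data['passwd1'])) ? $data['passwd1'] : "";
    // NOTE(review): whirlpool is a fast, unsalted digest. password_hash() is the
    // right primitive, but the stored format is shared with auth() and
    // passwd_update(), so all three have to be migrated together.
    $new_user['passwd'] = hash('whirlpool', $passwd);

    // Strict duplicate check on the mail address.
    // TODO (from the original comment): the admin account still has to be handled.
    foreach ($db as $user)
    {
        if (is_array($user) && isset($user['mail']) && $user['mail'] === $new_user['mail'])
        {
            $_SESSION['mail_already_registered'] = "ON";
            header('Location: signup.php');
            exit();
        }
    }

    $db[] = $new_user;
    // LOCK_EX keeps concurrent writers from interleaving their output. The read
    // in get_db() is outside this lock, so two simultaneous sign-ups can still
    // lose one record.
    if (file_put_contents($file, serialize($db), LOCK_EX) === false)
    {
        // Do not log the user in for an account that was never stored.
        error_log('create_user: could not write the user store');
        header('Location: signup.php');
        exit();
    }

    // The new user is logged in from here on: issue a fresh session id and fill
    // the same three keys login() sets. The original set only 'logged_on_user',
    // which left $_SESSION['mail'] empty for the profile and password handlers.
    session_regenerate_id(true);
    $_SESSION['flag_user_created'] = "OK";
    $_SESSION['logged_on_user'] = $new_user['prenom'];
    $_SESSION['nom'] = $new_user['nom'];
    $_SESSION['mail'] = $new_user['mail'];
    header('Location: index.php');
    exit();
}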
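/**
 * Validate a sign-up form and hand it to create_user().
 *
 * Requires 'prenom', 'nom', 'mail', 'passwd1' and 'passwd2' to be non-empty
 * strings and the two passwords to be identical. On a validation error a
 * session flag is set and the sign-up form is shown again.
 *
 * @param array $data Submitted form fields (the dispatcher passes $_POST).
 */
function register(array $data) {
    $required = array('prenom', 'nom', 'mail', 'passwd1', 'passwd2');

    // A field that is absent or not a string (mail[]=x) counts as empty, so
    // create_user() is only ever reached with five non-empty strings.
    $error = array();
    foreach ($required as $name)
    {
        if (!isset($data[$name]) || !is_string($data[$name]) || $data[$name] === "")
            $error[] = $name;
    }
    if ($error)
    {
        $_SESSION['flag_empty_fields'] = "ON";
        header('Location: signup.php?'.implode('&', $error));
        exit();
    }

    // Strict comparison: with != two different numeric strings such as "1e3"
    // and "1000" compare equal and would pass as a confirmed password.
    if ($data['passwd1'] !== $data['passwd2'])
    {
        $_SESSION['flag_cmp_passwd'] = "KO";
        header('Location: signup.php');
        exit();
    }

    // NOTE(review): the mail format and the password length are not checked
    // here; confirm whether the form or another layer enforces them.
    create_user($data);
}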
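// Allow-list of the handlers a request may trigger. The function name comes from
// the request body, so it is only called after an exact, type-strict match.
$action_array = array('login', 'register', 'profil_update', 'passwd_update');
// isset() avoids the undefined-index notice on requests without an 'action'
// field; is_string() rejects array input such as action[]=login.
$action = isset($_POST['action']) ? $_POST['action'] : null;
// NOTE(review): no anti-CSRF token is checked before dispatch in the code
// visible here; confirm whether the forms and the tools/ helpers provide one.
if (is_string($action) && in_array($action, $action_array, true))
    $action($_POST);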
?>