bonjour
classiquement voilà
une page de login
index.php
<?php
session_start();
/*la connection*/
/*
--
-- Base de données: `test`
--
-- --------------------------------------------------------
--
-- Structure de la table `members`
--
CREATE TABLE IF NOT EXISTS `members` (
`id` int(10) NOT NULL AUTO_INCREMENT,
`username` varchar(32) NOT NULL,
`password` varchar(32) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=8 ;
--
-- Contenu de la table `members`
--
INSERT INTO `members` (`id`, `username`, `password`) VALUES
(1, 'titi', 'toto'),
(3, 'tata', 'popo');
*/
/*le tuto ... http://www.phpeasystep.com/phptu/6.html*/
function checkmembre($login,$password){
/*à parametrer*/
static $host='localhost'; // Host name
static $username='root'; // Mysql username
static $passBDD=''; // Mysql password
static $db_name="test"; // Database name
static $tbl_name='members'; // Table name
static $myusername=false;
static $mypassword=false;
// Connect to server and select databse.
mysql_connect($host,$username,$passBDD) or die('cannot connect');
mysql_select_db($db_name) or die('cannot select DB');
// To protect MySQL injection (more detail about MySQL injection)
$myusername = mysql_real_escape_string(htmlentities(trim($login)));
$mypassword = mysql_real_escape_string(htmlentities(trim($password)));
echo $sql="SELECT * FROM ".$tbl_name." WHERE username='".$myusername."' and password='".$mypassword."' limit 1";
if($result=mysql_query($sql)){
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count===1){
mysql_close();
// Register $myusername, $mypassword and redirect to file "login_success.php"
$_SESSION['login']=$myusername;
$_SESSION['auth']=true;
ob_start();
header('Location: http://localhost/logeur/admin.php');exit;
ob_flush();
}
else {
mysql_close();
return 'Verifier vos identifiants ...<hr>';
}
}else{
mysql_close();
//prob pas membre
return 'Verifier vos identifiants ...<hr>';
}
/* fin checkmembre*/
}
if(isset($_POST['mot_de_passe'],$_POST['login'],$_POST['btnsbt'])){
$mot_de_passe = $_POST['mot_de_passe'];
$login = $_POST['login'];
if(!empty($mot_de_passe) && !empty($login)){
echo checkmembre($login,$mot_de_passe);
}else{
echo 'des champs sont vides ...
';
}
}else{
$mot_de_passe = '';
$login = '';
}
?>
<form action="" method="post">
LOGIN
PASSWORD
</form>
admin.php
<?php
session_start();
if(isset($_SESSION['login'],$_SESSION['auth']) && $_SESSION['auth']===true){
echo 'BONJOUR : '.$_SESSION['login'].'<hr>';
/*des infos pour le membre*/
}else{
exit('Veuillez vous identifier');
}
?>
ne sont pas traités
protéger le password md5 ou sha1 ...
la deconnection ...
Bonne programmation !