ajout de la foction de la séparation des pages selon les rôles
This commit is contained in:
Poty Thomas
parent
55dc4ef7aa
commit
30ca31ed2b
8 changed files with 131 additions and 19 deletions
|
|
@ -22,7 +22,21 @@ function verify_login_ctrl(?string $route) {
|
||||||
session_regenerate_id(true);
|
session_regenerate_id(true);
|
||||||
$_SESSION['login'] = $user['login'];
|
$_SESSION['login'] = $user['login'];
|
||||||
$_SESSION['role'] = $user['type'];
|
$_SESSION['role'] = $user['type'];
|
||||||
|
if ($route) {
|
||||||
header('Location: index.php?route=' . $route);
|
header('Location: index.php?route=' . $route);
|
||||||
|
} else {
|
||||||
|
switch ($user['type']) {
|
||||||
|
case 'admin':
|
||||||
|
header('Location: index.php?route=admin');
|
||||||
|
break;
|
||||||
|
case 'lecteur':
|
||||||
|
header('Location: index.php?route=operations');
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
header('Location: index.php');
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
exit;
|
exit;
|
||||||
} else {
|
} else {
|
||||||
echo 'Erreur d\'authentification.';
|
echo 'Erreur d\'authentification.';
|
||||||
|
|
|
||||||
|
|
@ -1,11 +1,9 @@
|
||||||
<?php
|
<?php
|
||||||
|
|
||||||
function login_ctrl() {
|
function login_ctrl() {
|
||||||
$ask_route = null;
|
$ask_route = null;
|
||||||
if (isset($_GET['ask'])) {
|
if (isset($_GET['ask'])) {
|
||||||
$ask_route = htmlentities($_GET['ask']);
|
$ask_route = htmlentities($_GET['ask']);
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
||||||
verify_login_ctrl($ask_route);
|
verify_login_ctrl($ask_route);
|
||||||
} else {
|
} else {
|
||||||
|
|
@ -14,18 +12,14 @@ function login_ctrl() {
|
||||||
}
|
}
|
||||||
|
|
||||||
function verify_login_ctrl(?string $route) {
|
function verify_login_ctrl(?string $route) {
|
||||||
$login = isset($_POST['login']) ? htmlentities($_POST['login']) : '';
|
|
||||||
$passwd = isset($_POST['password']) ? $_POST['password'] : '';
|
|
||||||
|
|
||||||
require('models/connection.php');
|
require('models/connection.php');
|
||||||
require('models/user_crud.php');
|
require('models/user_crud.php');
|
||||||
|
$login = isset($_POST['login']) ? htmlentities($_POST['login']) : '';
|
||||||
|
$passwd = isset($_POST['password']) ? $_POST['password'] : '';
|
||||||
$c = connection();
|
$c = connection();
|
||||||
$user = recuperation_auth($c, $login);
|
$user = recuperation_auth($c, $login);
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
if ($user && password_verify($passwd, $user['passwd'])) {
|
if ($user && password_verify($passwd, $user['passwd'])) {
|
||||||
|
session_regenerate_id(true);
|
||||||
$_SESSION['login'] = $user['login'];
|
$_SESSION['login'] = $user['login'];
|
||||||
$_SESSION['role'] = $user['type'];
|
$_SESSION['role'] = $user['type'];
|
||||||
header('Location: index.php?route=' . $route);
|
header('Location: index.php?route=' . $route);
|
||||||
|
|
@ -42,7 +36,8 @@ function login_form_ctrl(?string $route) {
|
||||||
}
|
}
|
||||||
|
|
||||||
function logout_ctrl() {
|
function logout_ctrl() {
|
||||||
unset($_SESSION);
|
session_unset();
|
||||||
session_destroy();
|
session_destroy();
|
||||||
|
setcookie(session_name(), '', time() - 3600, '/');
|
||||||
require('views/welcome_view.php');
|
require('views/welcome_view.php');
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -28,11 +28,13 @@
|
||||||
|
|
||||||
|
|
||||||
case null:
|
case null:
|
||||||
require('views/welcome_view.php');
|
require('views/login_views.php');
|
||||||
|
login_form_view($route);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case '':
|
case '':
|
||||||
require('views/welcome_view.php');
|
require('views/login_views.php');
|
||||||
|
login_form_view($route);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'auth':
|
case 'auth':
|
||||||
|
|
|
||||||
85
index.php~
Normal file
85
index.php~
Normal file
|
|
@ -0,0 +1,85 @@
|
||||||
|
<?php
|
||||||
|
/**
|
||||||
|
* The front controller
|
||||||
|
* Vincent Verdon - 20240604
|
||||||
|
*/
|
||||||
|
|
||||||
|
|
||||||
|
//Loads some functions for session managment and starts the session
|
||||||
|
require('controllers/auth_utilities.php');
|
||||||
|
session_start();
|
||||||
|
//var_dump($_SESSION);
|
||||||
|
|
||||||
|
//Erreurs à afficher SEULEMENT en phase de développement !
|
||||||
|
error_reporting(E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED);
|
||||||
|
ini_set('display_errors', 1);
|
||||||
|
|
||||||
|
//The requested route
|
||||||
|
$route = null;
|
||||||
|
if (isset($_GET['route'])) {
|
||||||
|
$route = 'invalid';
|
||||||
|
if (preg_match('#^[a-zA-Z0-9 _]*$#', $_GET['route'])) {
|
||||||
|
$route = $_GET['route'];
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
//We switch to the good controller
|
||||||
|
switch ($route) {
|
||||||
|
|
||||||
|
|
||||||
|
case null:
|
||||||
|
require('views/login_views.php');
|
||||||
|
break;
|
||||||
|
|
||||||
|
case '':
|
||||||
|
require('views/login_views.php');
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'auth':
|
||||||
|
require('controllers/auth_ctrl2.php');
|
||||||
|
login_ctrl();
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'logout':
|
||||||
|
require('controllers/auth_ctrl2.php');
|
||||||
|
logout_ctrl();
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'add_utilisateurs_form':
|
||||||
|
require('controllers/utilisateur_ctrl.php');
|
||||||
|
add_utilisateurs_form_ctrl();
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'add_utilisateurs':
|
||||||
|
require('controllers/utilisateur_ctrl.php');
|
||||||
|
add_utilisateurs_write_ctrl();
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'modif_utilisateurs_form':
|
||||||
|
require('controllers/modif_compte_ctrl.php');
|
||||||
|
modif_utilisateurs_form_ctrl();
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'modif_utilisateurs':
|
||||||
|
require('controllers/modif_compte_ctrl.php');
|
||||||
|
modif_utilisateurs_write_ctrl();
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'operations':
|
||||||
|
require('controllers/operation_ctrl.php');
|
||||||
|
operations_form_ctrl();
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'lecture':
|
||||||
|
require('views/lecture_page.php');
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'lecture_ctrl':
|
||||||
|
require('controllers/lecture_page_ctrl.php');
|
||||||
|
break;
|
||||||
|
|
||||||
|
default:
|
||||||
|
require('views/404_view.php');
|
||||||
|
break;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
@ -6,7 +6,7 @@
|
||||||
*/
|
*/
|
||||||
function connection() {
|
function connection() {
|
||||||
//Loads config from file config.php
|
//Loads config from file config.php
|
||||||
require('config/config.php');
|
require_once('config/config.php');
|
||||||
|
|
||||||
//Db connection
|
//Db connection
|
||||||
$connex = new PDO('mysql:host=' . HOST . ';dbname=' . DB,USER , PASSWORD);
|
$connex = new PDO('mysql:host=' . HOST . ';dbname=' . DB,USER , PASSWORD);
|
||||||
|
|
|
||||||
|
|
@ -6,7 +6,7 @@
|
||||||
*/
|
*/
|
||||||
function connection() {
|
function connection() {
|
||||||
//Loads config from file config.php
|
//Loads config from file config.php
|
||||||
require('config/config.php');
|
require_once('config/config.php');
|
||||||
|
|
||||||
//Db connection
|
//Db connection
|
||||||
$connex = new PDO('mysql:host=' . HOST . ';dbname=' . DB,USER , PASSWORD);
|
$connex = new PDO('mysql:host=' . HOST . ';dbname=' . DB,USER , PASSWORD);
|
||||||
|
|
|
||||||
|
|
@ -2,12 +2,12 @@
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
function recuperation_auth(PDO $connex, int $id):array {
|
function recuperation_auth(PDO $connex, string $login):array {
|
||||||
require('config/config.php');
|
require_once('config/config.php');
|
||||||
$req = "SELECT login, passwd, type FROM Utilisateur WHERE login = :login";
|
$req = "SELECT login, passwd, type FROM Utilisateur WHERE login = :login";
|
||||||
|
|
||||||
$prep = $connex->prepare($req);
|
$prep = $connex->prepare($req);
|
||||||
$prep->bindValue(':id', $id);
|
$prep->bindValue(':login', $login);
|
||||||
$prep->execute();
|
$prep->execute();
|
||||||
$auth = $prep->fetch(PDO::FETCH_ASSOC);
|
$auth = $prep->fetch(PDO::FETCH_ASSOC);
|
||||||
$prep->closeCursor();
|
$prep->closeCursor();
|
||||||
|
|
|
||||||
16
models/user_crud.php~
Normal file
16
models/user_crud.php~
Normal file
|
|
@ -0,0 +1,16 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
function recuperation_auth(PDO $connex, string $login):array {
|
||||||
|
require('config/config.php');
|
||||||
|
$req = "SELECT login, passwd, type FROM Utilisateur WHERE login = :login";
|
||||||
|
|
||||||
|
$prep = $connex->prepare($req);
|
||||||
|
$prep->bindValue(':login', $login);
|
||||||
|
$prep->execute();
|
||||||
|
$auth = $prep->fetch(PDO::FETCH_ASSOC);
|
||||||
|
$prep->closeCursor();
|
||||||
|
return $auth;
|
||||||
|
}
|
||||||
|
|
||||||
Loading…
Add table
Reference in a new issue