Commit
ab7cf740
authored
Jul 22, 2020
by
Gabriel Moreau
Replace SQL by clean function get_user_all_by_login
parent
8b7d4503
Changes
3
auth-functions.php
...
...
@@ -16,26 +16,23 @@ function auth($reqlevel, $logged_user='', $password='') {
if
(
$check
)
{
$pdo
=
connect_db
();
$sql
=
'SELECT password, id, level, valid FROM users WHERE loggin = ?;'
;
$stmt
=
$pdo
->
prepare
(
$sql
);
$stmt
->
execute
(
array
(
$logged_user
));
$user
=
$stmt
->
fetchAll
(
PDO
::
FETCH_ASSOC
);
$user
=
get_user_all_by_login
(
$pdo
,
$logged_user
);
// is the password correct
if
(
$user
[
0
][
'password'
]
!=
md5
(
$password
))
{
if
(
$user
[
'password'
]
!=
md5
(
$password
))
{
// pas le bon ppasswd
return
0
;
// false;
}
else
if
(
$reqlevel
>
$user
[
0
][
'level'
]){
}
else
if
(
$reqlevel
>
$user
[
'level'
]){
// pas le niveau d'autorisation requis
return
0
;
//false;
}
else
{
// tout ok
// down the level for disable user
$level
=
$user
[
0
][
'level'
];
if
(
$user
[
0
][
'valid'
]
==
0
&&
$level
>
1
)
$level
=
$user
[
'level'
];
if
(
$user
[
'valid'
]
==
0
&&
$level
>
1
)
$level
=
1
;
// set session variables
$_SESSION
[
'logged_id'
]
=
$user
[
0
][
'id'
];
$_SESSION
[
'logged_user'
]
=
$logged_user
;
$_SESSION
[
'logged_id'
]
=
$user
[
'id'
];
$_SESSION
[
'logged_user'
]
=
$logged_user
;
$_SESSION
[
'logged_level'
]
=
$level
;
return
1
;
}
...
...
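Review bot: The new password check `if ($user['password'] != md5($password))` compares hex digests with the loose `!=` operator, so two different digests that both have the form `0e` followed only by digits are treated as equal numeric strings, and the comparison is not constant-time. It also runs before any test that `get_user_all_by_login` returned a row, although that helper returns `false` when the login is unknown. I would guard and compare strictly: `if ($user === false || !hash_equals((string) $user['password'], md5($password))) {`. This commit keeps the unsalted MD5 digests; moving stored values to `password_hash()` / `password_verify()`, with a rehash at the next successful login, would be the follow-up. The body of auth() starts and ends outside the hunk.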
db-functions.php
...
...
@@ -242,6 +242,18 @@ function get_user_all_by_id($pdo, $id) {
// -------------------------------------------------------------
function
get_user_all_by_login
(
$pdo
,
$login
)
{
$sql
=
'SELECT * FROM users WHERE loggin = ?;'
;
$stmt
=
$pdo
->
prepare
(
$sql
);
$stmt
->
execute
(
array
(
$login
));
$result_fetch
=
$stmt
->
fetchAll
(
PDO
::
FETCH_ASSOC
);
if
(
count
(
$result_fetch
)
>
0
)
return
$result_fetch
[
0
];
return
false
;
}
// -------------------------------------------------------------
function
get_version_by_name
(
$pdo
,
$name
)
{
$sql
=
'SELECT version FROM version WHERE name = ?;'
;
$stmt
=
$pdo
->
prepare
(
$sql
);
...
...
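Review bot: `get_user_all_by_login` selects `*`, so every caller now receives the stored password digest along with the rest of the row, including en_tete() in html-functions.php, which before this commit read only `nom`, `prenom` and `theme`. The function also returns either an associative array or `false`, and nothing documents that. I would add a header comment such as `// Returns the users row for $login as an associative array (includes the password digest), or false when no row matches; callers must test for false before indexing.` and consider a second helper with an explicit column list for display-only callers.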
html-functions.php
...
...
@@ -33,12 +33,9 @@ function en_tete($titre, $find=false) {
if
(
!
empty
(
$_SESSION
))
{
$pdo
=
connect_db
();
$logged_user
=
$_SESSION
[
'logged_user'
];
$sql
=
'SELECT nom, prenom, theme FROM users WHERE loggin = ?;'
;
$stmt
=
$pdo
->
prepare
(
$sql
);
$stmt
->
execute
(
array
(
$logged_user
));
$user
=
$stmt
->
fetchAll
(
PDO
::
FETCH_ASSOC
);
$user
=
get_user_all_by_login
(
$pdo
,
$logged_user
);
$css
=
'pool_project_'
.
$user
[
0
][
'theme'
]
.
'.css'
;
$css
=
'pool_project_'
.
$user
[
'theme'
]
.
'.css'
;
}
else
{
$css
=
'pool_project_clair.css'
;
}
...
...
@@ -66,7 +63,7 @@ function en_tete($titre, $find=false) {
<?php
if
(
!
empty
(
$_SESSION
))
{
nav_bar
(
$user
[
0
][
'prenom'
],
$user
[
0
][
'nom'
],
$_SESSION
[
'logged_level'
],
$_SESSION
[
'logged_id'
],
$find
);
nav_bar
(
$user
[
'prenom'
],
$user
[
'nom'
],
$_SESSION
[
'logged_level'
],
$_SESSION
[
'logged_id'
],
$find
);
}
else
{
nav_bar
(
''
,
''
,
0
,
0
,
$find
);
}
...
...
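Review bot: In en_tete() the result of `get_user_all_by_login` is indexed without a test for `false`, both at `$css = 'pool_project_' . $user['theme'] . '.css';` and at the `nav_bar($user['prenom'], $user['nom'], ...)` call in the second hunk. The only guard is `!empty($_SESSION)`, so a session whose `logged_user` is missing or no longer matches a row yields `pool_project_.css` and empty names, plus a notice or warning on PHP 7.4 and later. I would fall back to the anonymous branch, `if ($user === false) { $css = 'pool_project_clair.css'; }`, and pass `''` for both names to nav_bar in that case. Whether `theme` is restricted to known values before it becomes part of a file name is not visible here and is worth confirming. en_tete() continues outside both hunks.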