Téléverser les fichiers vers "api"

yasss2627 2026-01-11 22:24:53 +00:00
commit d904669793
4 changed files with 95 additions and 0 deletions

28
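--- /dev/null
+++ b/api/login.php
@@ -0,0 +1,28 @@
+GNU nano 8.4 login.php
+<?php
+session_start();
+require '../config/db.php';
+$env = require '../config/env.php';
+$data = json_decode(file_get_contents('php://input'), true);
+$username = trim($data['username'] ?? '');
+$password = $data['password'] ?? '';
+$stmt = $pdo->prepare("SELECT * FROM utilisateurs WHERE pseudo = ?");
+$stmt->execute([$username]);
+$user = $stmt->fetch(PDO::FETCH_ASSOC);
+if (!$user || !password_verify($password, $user['mot_de_passe'])) {
+echo json_encode(['success'=>false,'message'=>'Identifiants incorrects']);
+exit;
+}
+$_SESSION['user_id'] = $user['id'];
+$isAdmin = strtolower($user['pseudo']) === 'admin';
+echo json_encode([
+'success'=>true,
+'message'=>'Connexion réussie',
+'isAdmin'=>$isAdmin,
+'flag'=>$isAdmin ? $env['FLAG'] : null
+]);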
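Review bot: Admin status, and with it the `$env['FLAG']` value, is decided by `strtolower($user['pseudo']) === 'admin'`, so the privilege rests on a case-folded name comparison rather than on a stored role. register.php checks for duplicates against the raw pseudo, and whether that check treats case variants as the same account depends on the column collation, which this commit does not show; a dedicated role column, or normalising the pseudo at registration, would remove that dependency. The session id should also be rotated at login with `session_regenerate_id(true);` placed just before `$_SESSION['user_id'] = $user['id'];`, so that a pre-login id is not carried into the authenticated session. The first line, `GNU nano 8.4 login.php`, sits before `<?php` and is therefore emitted as output ahead of `session_start()` and the JSON body; it looks like a pasted editor title bar and should be removed.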

4
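--- /dev/null
+++ b/api/logout.php
@@ -0,0 +1,4 @@
+<?php
+session_start();
+session_destroy();
+echo json_encode(['success'=>true,'message'=>'Déconnexion réussie']);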
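Review bot: `session_destroy()` removes the server-side session data but leaves `$_SESSION` populated for the rest of the request and leaves the session cookie in the browser. Adding `$_SESSION = [];` before the destroy call and expiring the cookie after it, for example `setcookie(session_name(), '', time() - 3600, '/');`, makes the logout complete; the cookie path and flags should match the ones the session was started with.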

37
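--- /dev/null
+++ b/api/post.php
@@ -0,0 +1,37 @@
+<?php
+session_start();
+require '../config/db.php';
+$userId = $_SESSION['user_id'] ?? null;
+if(!$userId){
+echo json_encode(['success'=>false,'message'=>'Vous devez être connecté']);
+exit;
+}
+$content = trim($_POST['content'] ?? '');
+if(!$content){
+echo json_encode(['success'=>false,'message'=>'Message vide']);
+exit;
+}
+// Insertion du message
+$stmt = $pdo->prepare("INSERT INTO messages (id_utilisateur, contenu, date_creation)>
+$stmt->execute([$userId, $content]);
+$messageId = $pdo->lastInsertId();
+// Upload de fichier
+if(!empty($_FILES['image']['tmp_name'])){
+$file = $_FILES['image'];
+$allowedTypes = ['image/png','image/jpeg'];
+if(!in_array($file['type'],$allowedTypes) || $file['size']>2*1024*1024){
+echo json_encode(['success'=>false,'message'=>'Fichier non valide']);
+exit;
+}
+$data = file_get_contents($file['tmp_name']);
+$base64 = 'data:'.$file['type'].';base64,'.base64_encode($data);
+$stmt = $pdo->prepare("INSERT INTO fichiers (id_message, nom_fichier, chemin_fic>
+$stmt->execute([$messageId, $file['name'], $base64, $file['size'], $file['type']>
+}
+echo json_encode(['success'=>true,'message'=>'Post publié avec succès']);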
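Review bot: The upload check compares `$file['type']` against the allow-list, but that value is supplied by the client and is also written into the stored `data:` URI, so the list does not constrain what the bytes actually are. The type should be derived from the file itself with `$mime = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);`, tested with `in_array($mime, $allowedTypes, true)` and used in the URI; checking `$file['error'] === UPLOAD_ERR_OK` first would also help. The message row is inserted before the file is validated, so a rejected upload answers `success: false` after the post has already been stored. Separately, the three lines ending in `>` (both `prepare(` calls and the second `execute(`) appear to have been clipped at the editor's screen width, which would leave the file unparseable; the same pattern shows in register.php.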

26
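--- /dev/null
+++ b/api/register.php
@@ -0,0 +1,26 @@
+<?php
+session_start();
+require '../config/db.php';
+$data = json_decode(file_get_contents('php://input'), true);
+$username = trim($data['username'] ?? '');
+$password = $data['password'] ?? '';
+if ($username === '' || strlen($password) < 6) {
+echo json_encode(['success'=>false,'message'=>'Pseudo ou mot de passe invalide']>
+exit;
+}
+$stmt = $pdo->prepare("SELECT id FROM utilisateurs WHERE pseudo = ?");
+$stmt->execute([$username]);
+if ($stmt->fetch()) {
+echo json_encode(['success'=>false,'message'=>'Pseudo déjà utilisé']);
+exit;
+}
+$hash = password_hash($password, PASSWORD_BCRYPT);
+$stmt = $pdo->prepare("INSERT INTO utilisateurs (pseudo, mot_de_passe, date_inscript>
+$stmt->execute([$username, $hash]);
+echo json_encode(['success'=>true,'message'=>'Inscription réussie']);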
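Review bot: The decoded fields are used without a type check, so a non-string `username` or `password` (for example a JSON array) reaches `trim()` or `strlen()` and raises a TypeError instead of producing the JSON error reply; a guard such as `if (!is_string($data['username'] ?? null) || !is_string($data['password'] ?? null))` ahead of the length test would cover it, and login.php reads its input the same way. The duplicate check is a SELECT followed by a separate INSERT, which is not atomic; a UNIQUE index on `pseudo` (the schema is not visible here) with the INSERT's PDOException handled would be the reliable guard. `PASSWORD_BCRYPT` only takes the first 72 bytes of the password into account, so an upper length limit next to `strlen($password) < 6` is worth adding.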