29 lines
846 B
PHP
29 lines
846 B
PHP
GNU nano 8.4 login.php
|
|
<?php
|
|
session_start();
|
|
require '../config/db.php';
|
|
$env = require '../config/env.php';
|
|
|
|
$data = json_decode(file_get_contents('php://input'), true);
|
|
$username = trim($data['username'] ?? '');
|
|
$password = $data['password'] ?? '';
|
|
|
|
$stmt = $pdo->prepare("SELECT * FROM utilisateurs WHERE pseudo = ?");
|
|
$stmt->execute([$username]);
|
|
$user = $stmt->fetch(PDO::FETCH_ASSOC);
|
|
|
|
if (!$user || !password_verify($password, $user['mot_de_passe'])) {
|
|
echo json_encode(['success'=>false,'message'=>'Identifiants incorrects']);
|
|
exit;
|
|
}
|
|
|
|
$_SESSION['user_id'] = $user['id'];
|
|
$isAdmin = strtolower($user['pseudo']) === 'admin';
|
|
|
|
echo json_encode([
|
|
'success'=>true,
|
|
'message'=>'Connexion réussie',
|
|
'isAdmin'=>$isAdmin,
|
|
'flag'=>$isAdmin ? $env['FLAG'] : null
|
|
]);
|