54 lines
1.5 KiB
PHP
54 lines
1.5 KiB
PHP
<?php
|
|
session_start();
|
|
require 'db_con.php';
|
|
|
|
$error = '';
|
|
|
|
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
|
$username = $_POST['username'];
|
|
$password = $_POST['password'];
|
|
|
|
// Préparation de la requête pour obtenir l'utilisateur
|
|
$stmt = $pdo->prepare("SELECT * FROM users WHERE username = :username AND status = 'active'");
|
|
$stmt->execute([':username' => $username]);
|
|
$user = $stmt->fetch();
|
|
|
|
// Vérification du mot de passe
|
|
if ($user && password_verify($password, $user['password'])) {
|
|
// Enregistrement des informations dans la session
|
|
$_SESSION['user_id'] = $user['id'];
|
|
$_SESSION['username'] = $user['username'];
|
|
$_SESSION['role'] = $user['role'];
|
|
|
|
// Redirection vers main.php
|
|
header("Location: main.php");
|
|
exit;
|
|
} else {
|
|
$error = 'Invalid username or password';
|
|
}
|
|
}
|
|
?>
|
|
|
|
<!DOCTYPE html>
|
|
<html lang="en">
|
|
<head>
|
|
<meta charset="UTF-8">
|
|
<title>Login</title>
|
|
</head>
|
|
<body>
|
|
<h2>Login</h2>
|
|
<?php if ($error): ?>
|
|
<p style="color: red;"><?= htmlspecialchars($error) ?></p>
|
|
<?php endif; ?>
|
|
<form action="index.php" method="post">
|
|
<label for="username">Username:</label>
|
|
<input type="text" id="username" name="username" required>
|
|
<br>
|
|
<label for="password">Password:</label>
|
|
<input type="password" id="password" name="password" required>
|
|
<br>
|
|
<button type="submit">Login</button>
|
|
</form>
|
|
</body>
|
|
</html>
|