La Ferme du web - Les forums

Venez baraguiner avec la communauté !

Vous n'êtes pas identifié.

#1 08/04/2015 22:31:10

manelll
Membre
Date d'inscription: 24/03/2015
Messages: 2

créer une page login qui redirige chaque utilisateur vers sa page aprè

Bonjour, je suis en train de réaliser une application de gestion des services des personnels d'une entreprise, l’accès à l'application doit être sécurisé avec un login et mot de passe et selon ces deux paramètre chaque utilisateur est redirigé vers la page qui le concerne ci-dessous j'ai mis j'ai mis le code source que j'ai utilisé mais avec ce script tous les utilisateurs après leur authentification sont redirigé vers une seule page(acceuil.html) je veux savoir que doit-je ajouter pour rediriger chaque utilisateur vers sa propre, si quelqu'un peut m'aider


le script login.html


Code:

<html>
<head>
<title> Login</title>
</head>
<body>
<h2>Login Here</h2>
<form action="login_submit.php" method="post">
<fieldset>
<p>
<label for="username">username</label>
<input type="text" id="username" name="username" value="" maxlength="20" />
</p>
<p>
<label for="password">password</label>
<input type="text" id="password" name="password" value="" maxlength="20" />
</p>
<p>
<input type="submit" value="submit" />
</p>
</fieldset>
</form>
</body>
</html>

le script login_submit.php



Code:

<?php
/*** begin our session ***/
session_start();
/*** check if the users is already logged in ***/
if(isset( $_SESSION['user_id'] ))
{
    $message = 'Users is already logged in';
}
/*** check that both the username, password have been submitted ***/
if(!isset( $_POST['username'], $_POST['password']))
{
    $message = 'login failed';
}
/*** check the username is the correct length ***/
elseif (strlen( $_POST['username']) > 20 || strlen($_POST['username']) < 4)
{
    $message = 'incorrect length';
}
/*** check the password is the correct length ***/
elseif (strlen( $_POST['password']) > 20 || strlen($_POST['password']) < 4)
{
    $message = 'incorrect length';
}
/*** check the username has only alpha numeric characters ***/
elseif (ctype_alnum($_POST['username']) != true) 
{
    /*** if there is no match ***/
    $message = "Username must be alpha numeric";
}
/*** check the password has only alpha numeric characters ***/
elseif (ctype_alnum($_POST['password']) != true)
{
        /*** if there is no match ***/
        $message = "Password must be alpha numeric";
}
else
{
    /*** if we are here the data is valid and we can insert it into database ***/
    $username = filter_var($_POST['username'], FILTER_SANITIZE_STRING);
    $password = filter_var($_POST['password'], FILTER_SANITIZE_STRING);
    /*** now we can encrypt the password ***/
    $password = sha1( $password );
    /*** connect to database ***/
    /*** mysql hostname ***/
    $mysql_hostname = 'localhost';
    /*** mysql username ***/
    $mysql_username = 'root';
    /*** mysql password ***/
    $mysql_password = '';
    /*** database name ***/
    $mysql_dbname = 'ges_tache';
    try
    {
        $dbh = new PDO("mysql:host=$mysql_hostname;dbname=$mysql_dbname", $mysql_username, $mysql_password);
        /*** $message = a message saying we have connected ***/
        /*** set the error mode to excptions ***/
        $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        /*** prepare the select statement ***/
        $stmt = $dbh->prepare("SELECT user_id, username, password FROM membre 
                    WHERE username = :username AND password = :password");
        /*** bind the parameters ***/
        $stmt->bindParam(':username', $username, PDO::PARAM_STR);
        $stmt->bindParam(':password', $password, PDO::PARAM_STR, 40);
        /*** execute the prepared statement ***/
        $stmt->execute();
        /*** check for a result ***/
        $user_id = $stmt->fetchColumn();
        /*** if we have no result then fail boat ***/
        if($user_id == false)
        {
                $message = 'error, please try again later';
        }
        /*** if we do have a result, all is well ***/
        else
        {
                /*** set the session user_id variable ***/
                $_SESSION['user_id'] = $user_id;
                 header('Location: acceuil.html');
                 }
    }
    catch(Exception $e)
    {
        /*** if we are here, something has gone wrong with the database ***/
        $message = 'error"';
    }
}
?>
<html>
<head>
<title>PHPRO Login</title>
</head>
<body>
<p><?php echo $message; ?>
</body>
</html>

Hors ligne

 

08/04/2015 22:31:10

Botte De Foin Publicitaire


Pied de page des forums

Powered by FluxBB
© Copyright 2008-2009 - LaFermeduWeb.net