iset3/projetphp
3
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

add and search record done

Browse Source
This commit is contained in:
adri
2019-01-02 13:23:07 +01:00
parent 50705e1234
commit f99073eedd
5 changed files with 164 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

52
post.php
View File

@@ -1,4 +1,8 @@
<?php
require_once("function.php");
$emailPatern = '/^(([^<>()\[\]\\.,;:\s@"]+(\.[^<>()\[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/';
$pwPatern = '/^[a-z]{8,16}$/';
$loginPatern = '/^[a-z]{8,16}$/';
$ret["return"] = false;
$ret["pw"] = null;
try {
@@ -12,13 +16,53 @@ try {
if (isset($_POST["userToDel"])) {
$req = $bdd->prepare('DELETE FROM `projetphp` WHERE `projetphp`.`login`=:login');
$req->execute(array( 'login' => htmlspecialchars($_POST["userToDel"])));
$req->closeCursor();
}
elseif (isset($_POST["userExist"])) {
if(userExist($_POST["userExist"]))
{
$ret["return"] = "userExist";
}
else
{
$ret["return"] = "userNotExist";
}
}
//INSERT INTO `projetphp` (`login`, `date_naissance`, `e_mail`, `mot_de_passe`, `security_level`) VALUES ('blipblop', '2019-01-09', 'aaaaa@aaa.cc', MD5('sdfqsdfsfd'), '5');
elseif (isset($_POST["newUser"],$_POST["datene"], $_POST["email"], $_POST["pw"], $_POST["sl"]) && $_POST["newUser"] == "true") {
if(preg_match($loginPatern, $_POST["login"]) && preg_match($emailPatern, $_POST[email]) && preg_match($pwPatern, $_POST["pw"]))
{
if(userExist($_POST["login"]))
{
$ret["return"] = "userExist";
}
else
{
$ret["pw"] = md5(htmlspecialchars($_POST["pw"], ENT_QUOTES, 'UTF-8'));
$req = $bdd->prepare('INSERT INTO `projetphp` (`login`, `date_naissance`, `e_mail`, `mot_de_passe`, `security_level`) VALUES (:login, :datene, :email, :pw, :slvl)');
$req->execute(array(
'login' => htmlspecialchars($_POST["login"], ENT_QUOTES, 'UTF-8'),
'datene' => htmlspecialchars($_POST["datene"], ENT_QUOTES, 'UTF-8'),
'email' => (htmlspecialchars($_POST["email"], ENT_QUOTES, 'UTF-8')),
'pw' => $ret["pw"],
'slvl' => htmlspecialchars($_POST["slvl"], ENT_QUOTES, 'UTF-8'),
));
$req->closeCursor();
$ret["return"] = true;
}
}
else
{
$ret["return"] = "patern mismatch !".preg_match($loginPatern, $_POST["login"]) ."_". preg_match($emailPatern, $_POST[email]) ."_". preg_match($pwPatern, $_POST["pw"]);
}
}
//UPDATE `projetphp` SET `security_level` = '6' WHERE `projetphp`.`login` = 'aaazzze';
if (isset($_POST["updatePW"], $_POST["datene"], $_POST["email"], $_POST["pw"], $_POST["sl"], $_POST["login"])) {
if (preg_match('/^(([^<>()\[\]\\.,;:\s@"]+(\.[^<>()\[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/', $_POST["email"])) {
if (htmlspecialchars($_POST["updatePW"], ENT_QUOTES, 'UTF-8') == "true" && preg_match('/^[a-z]{8,16}$/', $_POST["pw"])) {
else if (isset($_POST["newUser"], $_POST["updatePW"], $_POST["datene"], $_POST["email"], $_POST["pw"], $_POST["sl"], $_POST["login"]) && $_POST["newUser"] == "false") {
if (preg_match($emailPatern, $_POST["email"])) {
if (htmlspecialchars($_POST["updatePW"], ENT_QUOTES, 'UTF-8') == "true" && preg_match($pwPatern, $_POST["pw"])) {
$req = $bdd->prepare('UPDATE `projetphp` SET `date_naissance` = :datene, `e_mail` = :email, `mot_de_passe` = :pw, `security_level` = :sl WHERE `projetphp`.`login` = :login');
$req->execute(array(
'datene' => htmlspecialchars($_POST["datene"], ENT_QUOTES, 'UTF-8'),
@@ -27,6 +71,7 @@ if (isset($_POST["updatePW"], $_POST["datene"], $_POST["email"], $_POST["pw"], $
'sl' => htmlspecialchars($_POST["sl"], ENT_QUOTES, 'UTF-8'),
'login' => htmlspecialchars($_POST["login"], ENT_QUOTES, 'UTF-8'),
));
$req->closeCursor();
$ret["return"] = true;
$ret["pw"] = md5(htmlspecialchars($_POST["pw"], ENT_QUOTES, 'UTF-8'));
} elseif (htmlspecialchars($_POST["updatePW"], ENT_QUOTES, 'UTF-8') == "false") {
@@ -37,6 +82,7 @@ if (isset($_POST["updatePW"], $_POST["datene"], $_POST["email"], $_POST["pw"], $
'sl' => htmlspecialchars($_POST["sl"], ENT_QUOTES, 'UTF-8'),
'login' => htmlspecialchars($_POST["login"], ENT_QUOTES, 'UTF-8'),
));
$req->closeCursor();
$ret["return"] = true;
$ret["pw"] = htmlspecialchars($_POST["pw"], ENT_QUOTES, 'UTF-8');
} else ;