LP42-Securite-sur-le-web/TP/TP2_codes/parTP/tp2.php

<?php
// ------------------------------------------------------------------------- //
// Test de connection à MySQL                                                //
// ------------------------------------------------------------------------- //

echo "Bonjour \n";
//Éditez les varibales ci dessous
/*if(!isset($_GET['login']) && !isset($_GET['motdepasse']))
{
    header('Location: index.php');
    print ("login et pass ok <br/>");
}else{
    // On va vérifier les variables
    print("Verification du login et pass<br/>");
    if(!preg_match('/^[[:alnum:]]+$/', $_GET['login']) or
        !preg_match('/^[[:alnum:]]+$/', $_GET['motdepasse']))
    {
    echo 'Vous devez entrer uniquement des lettres ou des chiffres <br/>';
   echo '<a href="index.php" temp_href="index.php">Ressayer</a>';
    exit();
    }
}
*/


$sql_host = "localhost";
$sql_user = "iut";
$sql_pwd = "iut";
$sql_db = "BD_TP2";

   
// Create connection
       $conn = new mysqli($sql_host, $sql_user, $sql_pwd, $sql_db);
        // Check connection
        if ($conn->connect_error) {
                die("Connection failed: " . $conn->connect_error);
        } 
        echo "<br/>"."Connexion reussie :)..."."<br/>";


$nom = $_GET['login'];
$motdepasse = $_GET['motdepasse'];
print ("nom = $nom, mdp = $motdepasse");
echo "<br/>New record created successfully";

/*

//select des cartes 
// on envoie la requête
$sql ="SELECT numerocarte FROM comptes WHERE (nom = '$nom' AND motdepasse = '$m$
$req = $conn->query($sql) or die('Erreur SQL !<br>'.$sql.'<br>'.mysql_error());
$row = $req->fetch_assoc();
echo "<br>";
echo "numero de carte = ";
echo $row['numerocarte'];
//Fermeture de la connexion
        $conn->close();

*/

?>
fin TP2 2022-09-20 09:46:06 +02:00			`<?php`
			`// ------------------------------------------------------------------------- //`
			`// Test de connection à MySQL //`
			`// ------------------------------------------------------------------------- //`

			`echo "Bonjour \n";`
			`//Éditez les varibales ci dessous`
			`/*if(!isset($_GET['login']) && !isset($_GET['motdepasse']))`
			`{`
			`header('Location: index.php');`
			`print ("login et pass ok <br/>");`
			`}else{`
			`// On va vérifier les variables`
			`print("Verification du login et pass<br/>");`
			`if(!preg_match('/^[[:alnum:]]+$/', $_GET['login']) or`
			`!preg_match('/^[[:alnum:]]+$/', $_GET['motdepasse']))`
			`{`
			`echo 'Vous devez entrer uniquement des lettres ou des chiffres <br/>';`
			`echo '<a href="index.php" temp_href="index.php">Ressayer</a>';`
			`exit();`
			`}`
			`}`
			`*/`



			`$sql_host = "localhost";`
			`$sql_user = "iut";`
			`$sql_pwd = "iut";`
			`$sql_db = "BD_TP2";`


			`// Create connection`
			`$conn = new mysqli($sql_host, $sql_user, $sql_pwd, $sql_db);`
			`// Check connection`
			`if ($conn->connect_error) {`
			`die("Connection failed: " . $conn->connect_error);`
			`}`
			`echo "<br/>"."Connexion reussie :)..."."<br/>";`


			`$nom = $_GET['login'];`
			`$motdepasse = $_GET['motdepasse'];`
			`print ("nom = $nom, mdp = $motdepasse");`
			`echo "<br/>New record created successfully";`

			`/*`

			`//select des cartes`
			`// on envoie la requête`
			`$sql ="SELECT numerocarte FROM comptes WHERE (nom = '$nom' AND motdepasse = '$m$`
			`$req = $conn->query($sql) or die('Erreur SQL !<br>'.$sql.'<br>'.mysql_error());`
			`$row = $req->fetch_assoc();`
			`echo "<br>";`
			`echo "numero de carte = ";`
			`echo $row['numerocarte'];`
			`//Fermeture de la connexion`
			`$conn->close();`

			`*/`

			`?>`