diff --git a/TP/TP3.docx b/TP/TP3.docx
new file mode 100644
index 0000000..7dabbec
Binary files /dev/null and b/TP/TP3.docx differ
diff --git a/TP/TP3_codes/index.php b/TP/TP3_codes/index.php
new file mode 100644
index 0000000..87ce25b
--- /dev/null
+++ b/TP/TP3_codes/index.php
@@ -0,0 +1,30 @@
+
+Récupération MDP
+Page de connexion à ma base de données
+
+
+
diff --git a/TP/TP3_codes/tp3.php b/TP/TP3_codes/tp3.php
new file mode 100644
index 0000000..ed51bda
--- /dev/null
+++ b/TP/TP3_codes/tp3.php
@@ -0,0 +1,46 @@
+connect_error) {
+ die("Connection failed: " . $conn->connect_error);
+ }
+ echo "
"."Connexion reussie :)..."."
";
+
+
+$nom = $_GET['login'];
+$motdepasse = $_GET['motdepasse'];
+//$nom = mysqli_real_escape_string($conn, $_POST['login']);
+//$motdepasse = mysql_real_escape_string(($conn, $_POST['motdepasse']);
+
+print ("nom = $nom, mdp = $motdepasse");
+echo "
Card number request";
+
+
+//select des cartes
+// on envoie la requête
+//$sql ="SELECT numerocarte FROM comptes WHERE (nom = '$nom' AND motdepasse = '$motdepasse')";
+$sql ="SELECT numerocarte FROM comptes WHERE (nom = '' OR 1=1)";
+$req = $conn->query($sql) or die('Erreur SQL !
'.$sql.'
'.mysql_error());
+$row = $req->fetch_assoc();
+echo "
";
+echo "numero de carte = ";
+echo $row['numerocarte'];
+
+//Fermeture de la connexion
+ $conn->close();
+?>
+
+
diff --git a/TP/TP3_codes/xss.php b/TP/TP3_codes/xss.php
new file mode 100644
index 0000000..90b482a
--- /dev/null
+++ b/TP/TP3_codes/xss.php
@@ -0,0 +1,6 @@
+
+Test PHP
+Test page PHP pour XSS.
+
+
+