Bonjour la communauté. Je suis novice en PHP ; j’ai un site qui fonctionne bien en local… J’aimerais ajouter une section « mot de passe oublié », mais je ne parviens pas à adapter le code du fichier (recuperation.php) et celui de Db.php (connexion à ma BDD).
Code (Db.php)
<?php
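/**
 * Thin PDO wrapper used for all database access.
 *
 * Connection settings default to the HOST, DBNAME, USER and PWD constants,
 * which are defined outside this file.
 */
class Db{
    private $host=HOST;
    private $name=DBNAME;
    private $user=USER;
    private $pass=PWD;
    /** @var PDO|null Stays null when the connection attempt failed. */
    private $connexion;

    /**
     * Open the MySQL connection.
     *
     * When $host is given, all four settings are taken from the arguments;
     * otherwise the constant-based defaults are used.
     *
     * On failure the driver message is written to the server error log only.
     * It can contain the host, the database name and the account name, so the
     * visitor is shown a generic message instead. The connection handle is
     * left null in that case.
     *
     * @param string|null $host
     * @param string|null $name
     * @param string|null $user
     * @param string|null $pass
     */
    public function __construct($host=null,$name=null,$user=null,$pass=null){
        if($host != null){
            $this->host = $host;
            $this->name = $name;
            $this->user = $user;
            $this->pass = $pass;
        }
        try{
            $this->connexion = new PDO(
                'mysql:host='.$this->host.';dbname='.$this->name,
                $this->user,
                $this->pass,
                array(
                    // 1002 is the numeric value of PDO::MYSQL_ATTR_INIT_COMMAND.
                    1002 =>'SET NAMES UTF8',
                    // NOTE(review): in warning mode a failed statement raises a PHP
                    // warning rather than an exception; keep display_errors off in
                    // production so SQL details never reach the visitor.
                    PDO::ATTR_ERRMODE => PDO::ERRMODE_WARNING
                )
            );
            $this->connexion->exec('SET NAMES utf8');
        }catch (PDOException $e){
            // Details go to the log, never to the page.
            error_log('Db connection failed: '.$e->getMessage());
            echo 'Erreur : Impossible de se connecter à la BD !';
        }
    }

    /**
     * Run a prepared statement and return every row as an object.
     *
     * @param string $sql  SQL with placeholders; values must go in $data, never in $sql.
     * @param array  $data Values bound to the placeholders.
     * @return array Rows fetched with PDO::FETCH_OBJ.
     */
    public function query($sql , $data=array()){
        $req = $this->connexion->prepare($sql);
        $req->execute($data);
        return $req->fetchAll(PDO::FETCH_OBJ);
    }

    /**
     * Run a prepared statement and return every row as an associative array.
     *
     * @param string $sql  SQL with placeholders; values must go in $data, never in $sql.
     * @param array  $data Values bound to the placeholders.
     * @return array Rows fetched with PDO::FETCH_ASSOC.
     */
    public function tquery($sql , $data=array()){
        $req = $this->connexion->prepare($sql);
        $req->execute($data);
        return $req->fetchAll(PDO::FETCH_ASSOC);
    }

    /**
     * Run a prepared statement that returns no rows.
     *
     * @param string $sql  SQL with placeholders.
     * @param array  $data Values bound to the placeholders.
     * @return bool Result of PDOStatement::execute().
     */
    public function insert($sql , $data=array()){
        $req = $this->connexion->prepare($sql);
        return $req->execute($data);
    }

    /**
     * Count the rows of the users table that carry the given e-mail address.
     *
     * @param string $email
     * @return mixed The count as returned by the driver.
     */
    public function uniqueEmail($email){
        $req = $this->connexion->prepare('SELECT count(*) as nbre from users WHERE email=:email limit 1');
        $req->execute(array('email'=>$email));
        $reponse = $req->fetchAll(PDO::FETCH_ASSOC);
        return $reponse[0]['nbre'];
    }
}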
Code (recuperation.php)
<?php require 'includes/includes.php' ?>
<?php require 'includes/header2.php'; ?>
<!-- message de session -->
<?php
// One-shot session messages: each is printed once, then removed from the session.
// NOTE(review): both values are printed as-is. Whether they can hold
// user-controlled text is not visible here; if they can, escape them with
// htmlspecialchars() where they are written or printed.
if (isset($_SESSION['message'])) { ?>
<div class="message"> <?= $_SESSION['message'] ?></div>
<?php
    unset($_SESSION['message']);
}
if (isset($_SESSION['erreur'])) { ?>
<div class="errorMessage"> <?= $_SESSION['erreur'] ?></div>
<?php
    unset($_SESSION['erreur']);
}
?>
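<?php
/*
 * Password recovery, in three POST-driven steps:
 *   1. recup_submit  - check the address, store a fresh code, mail it
 *   2. verif_submit  - check the code that was mailed
 *   3. change_submit - store the new password
 *
 * $DB is expected to be the Db instance created by the included files. Db keeps
 * its PDO handle private and has no prepare() method, so every statement goes
 * through Db::tquery() (reads) or Db::insert() (writes).
 *
 * NOTE(review): header('Location: ...') only works if nothing has been sent to
 * the browser yet. The includes and the session messages above this block
 * produce output, so either enable output buffering or move this logic above
 * them.
 * NOTE(review): the recovery code has no expiry and failed attempts are not
 * limited; both should be added (they need storage not shown on this page).
 */

// Form shown by the template: "code", "changepassword", or the e-mail form.
// The original read $Get, which is never defined, so the section was always ''.
if(isset($_GET['section']) && is_string($_GET['section'])){
    $section = htmlspecialchars($_GET['section']);
}else{
    $section = '';
}

/* ---- Step 1: request a recovery code ---- */
if(isset($_POST['recup_submit'],$_POST['recup_mail'])) {
    if(!empty($_POST['recup_mail']) && is_string($_POST['recup_mail'])) {
        // Kept from the original: the escaped value is what the template prints.
        // NOTE(review): presumably addresses were stored the same way at sign-up - confirm.
        $recup_mail = htmlspecialchars($_POST['recup_mail']);
        if(filter_var($recup_mail,FILTER_VALIDATE_EMAIL)) {
            $mailexist = $DB->tquery('SELECT id,nom FROM users WHERE email = ?', array($recup_mail));
            if(count($mailexist) == 1) {
                // tquery() returns a plain array of rows.
                $nom = $mailexist[0]['nom'];
                $_SESSION['recup_mail'] = $recup_mail;
                // A new request cancels any confirmation held by this session.
                unset($_SESSION['recup_confirme']);

                // 8 digits from the system CSPRNG (random_int, PHP 7+);
                // mt_rand() output is predictable and unsuitable for secrets.
                $recup_code = "";
                for($i=0; $i < 8; $i++) {
                    $recup_code .= random_int(0,9);
                }

                $deja = $DB->tquery('SELECT id FROM recuperation WHERE email = ?', array($recup_mail));
                if(count($deja) == 1) {
                    // Reset confirme too, so an earlier confirmation cannot be
                    // reused with the new code.
                    $DB->insert('UPDATE recuperation SET code = ?, confirme = 0 WHERE email = ?', array($recup_code,$recup_mail));
                } else {
                    $DB->insert('INSERT INTO recuperation(email,code,confirme) VALUES (?, ?, 0)', array($recup_mail,$recup_code));
                }

                $header="MIME-Version: 1.0\r\n";
                $header.='From:"[VOUS]"<votremail@mail.com>'."\r\n";
                $header.='Content-Type:text/html; charset="utf-8"'."\r\n";
                $header.='Content-Transfer-Encoding: 8bit';
                // The name comes from the database; escape it before it goes into HTML.
                $nom_html = htmlspecialchars($nom, ENT_QUOTES, 'UTF-8');
                $message = '
<html>
<head>
<title>Récupération de mot de passe - Votresite</title>
<meta charset="utf-8" />
</head>
<body>
<font color="#303030";>
<div align="center">
<table width="600px">
<tr>
<td>
<div align="center">Bonjour <b>'.$nom_html.'</b>,</div>
Voici votre code de récupération: <b>'.$recup_code.'</b>
A bientôt sur <a href="http://www.ndameyong.com">Ndameyong.com</a> !
</td>
</tr>
<tr>
<td align="center">
<font size="2">
Ceci est un email automatique, merci de ne pas y répondre
</font>
</td>
</tr>
</table>
</div>
</font>
</body>
</html>
';
                mail($recup_mail, "Récupération de mot de passe - Votresite", $message, $header);
                // NOTE(review): URL hard-coded for the local install.
                header("Location:http://127.0.0.1/ndameyong/recuperation.php?section=code");
                exit; // stop here, otherwise the rest of the page still runs
            } else {
                // NOTE(review): this message tells the visitor whether an address
                // has an account; a single neutral message for both cases avoids that.
                $error = "Cette adresse mail n'est pas enregistrée";
            }
        } else {
            $error = "Adresse mail invalide";
        }
    } else {
        $error = "Veuillez entrer votre adresse mail";
    }
}

/* ---- Step 2: check the mailed code ---- */
if(isset($_POST['verif_submit'],$_POST['verif_code'])) {
    if(!empty($_POST['verif_code']) && is_string($_POST['verif_code'])) {
        if(isset($_SESSION['recup_mail'])) {
            $verif_code = htmlspecialchars($_POST['verif_code']);
            $trouve = $DB->tquery('SELECT id FROM recuperation WHERE email = ? AND code = ?', array($_SESSION['recup_mail'],$verif_code));
            if(count($trouve) == 1) {
                $DB->insert('UPDATE recuperation SET confirme = 1 WHERE email = ?', array($_SESSION['recup_mail']));
                // Bind the confirmation to this session and this address, so a
                // confirmation made in another session is not accepted in step 3.
                $_SESSION['recup_confirme'] = $_SESSION['recup_mail'];
                header('Location:http://127.0.0.1/ndameyong/recuperation.php?section=changepassword');
                exit;
            } else {
                $error = "Code invalide";
            }
        } else {
            // No address in the session: step 1 was not done in this session.
            $error = "Veuillez entrer votre adresse mail";
        }
    } else {
        $error = "Veuillez entrer votre code de confirmation";
    }
}

/* ---- Step 3: store the new password ---- */
if(isset($_POST['change_submit'])) {
    if(isset($_POST['change_password'],$_POST['change_passwordc'])
        && is_string($_POST['change_password']) && is_string($_POST['change_passwordc'])) {
        // The code must have been confirmed in this session, for this address.
        $session_ok = isset($_SESSION['recup_mail'],$_SESSION['recup_confirme'])
            && $_SESSION['recup_confirme'] === $_SESSION['recup_mail'];
        $lignes = $session_ok
            ? $DB->tquery('SELECT confirme FROM recuperation WHERE email = ?', array($_SESSION['recup_mail']))
            : array();
        $verif_confirme = isset($lignes[0]['confirme']) ? $lignes[0]['confirme'] : 0;
        if($session_ok && $verif_confirme == 1) {
            $password = htmlspecialchars($_POST['change_password']);
            $passwordc = htmlspecialchars($_POST['change_passwordc']);
            if(!empty($password) AND !empty($passwordc)) {
                // Strict comparison: with == two different numeric-looking
                // strings can compare equal.
                if($password === $passwordc) {
                    // NOTE(review): sha1() is unsalted and fast, which makes stored
                    // passwords cheap to guess offline. Move to password_hash() /
                    // password_verify() together with the sign-up and login code
                    // (not shown here); changing it in this file alone would break login.
                    $password = sha1($password);
                    $DB->insert('UPDATE users SET password = ? WHERE email = ?', array($password,$_SESSION['recup_mail']));
                    $DB->insert('DELETE FROM recuperation WHERE email = ?', array($_SESSION['recup_mail']));
                    // The recovery is finished: drop its state from the session.
                    unset($_SESSION['recup_mail'], $_SESSION['recup_confirme']);
                    header('Location:http://127.0.0.1/ndameyong/login/');
                    exit;
                } else {
                    $error = "Vos mots de passes ne correspondent pas";
                }
            } else {
                $error = "Veuillez remplir tous les champs";
            }
        } else {
            $error = "Veuillez valider votre mail grâce au code de vérification qui vous a été envoyé par mail";
        }
    } else {
        $error = "Veuillez remplir tous les champs";
    }
}
?>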
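<?php
// Address shown in the forms. It may be absent when a section is opened
// directly, and it is escaped here (without double-encoding) so the template
// stays safe whatever was stored in the session.
$recup_mail_affiche = isset($_SESSION['recup_mail'])
    ? htmlspecialchars($_SESSION['recup_mail'], ENT_QUOTES, 'UTF-8', false)
    : '';
?>
<!DOCTYPE html>
<html lang="fr">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Mot de passe oublié</title>
</head>
<body>
<h4 class="title-element">Récupération de mot de passe</h4>
<?php /* $section only selects which form is shown; the checks are done on POST. */ ?>
<?php if($section == 'code'): ?>
Un code de vérification vous a été envoyé par mail: <?= $recup_mail_affiche ?>
<br/>
<form method="post">
<input type="text" placeholder="Code de vérification" name="verif_code"/><br/>
<input type="submit" value="Valider" name="verif_submit"/>
</form>
<?php elseif($section == "changepassword"): ?>
Nouveau mot de passe pour <?= $recup_mail_affiche ?>
<form method="post">
<input type="password" placeholder="Nouveau mot de passe" name="change_password"/><br/>
<input type="password" placeholder="Confirmation du mot de passe" name="change_passwordc"/><br/>
<input type="submit" value="Valider" name="change_submit"/>
</form>
<?php else: ?>
<form method="post">
<input type="email" placeholder="Votre adresse mail" name="recup_mail"/><br/>
<input type="submit" value="Valider" name="recup_submit"/>
</form>
<?php endif ?>
<?php
// $error only ever holds one of the fixed messages set by the processing code.
if(isset($error)) { echo '<span style="color:red">'.$error.'</span>'; }
?>
</body>
</html>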
PS : Db.php se trouve dans le fichier include. Merci d’avance.
Édit Arius : correction mise en forme du code