admin/34729-vm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fd

Browse Source
This commit is contained in:
Flatlogic Bot 2025-10-06 16:45:00 +00:00
parent 518cd35214
commit 10091b24c4
4 changed files with 114 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

53
db/setup.php
View File

@ -27,6 +27,59 @@ try {
$pdo->exec($sql);
echo "Table 'users' created successfully (if it didn't exist).\n";
// Create servers table
$sql = "
CREATE TABLE IF NOT EXISTS servers (
id INT AUTO_INCREMENT PRIMARY KEY,
name VARCHAR(100) NOT NULL,
owner_id INT NOT NULL,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
FOREIGN KEY (owner_id) REFERENCES users(id) ON DELETE CASCADE
);";
$pdo->exec($sql);
echo "Table 'servers' created successfully.\n";
// Create server_members table
$sql = "
CREATE TABLE IF NOT EXISTS server_members (
id INT AUTO_INCREMENT PRIMARY KEY,
server_id INT NOT NULL,
user_id INT NOT NULL,
joined_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
FOREIGN KEY (server_id) REFERENCES servers(id) ON DELETE CASCADE,
FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE,
UNIQUE KEY (server_id, user_id)
);";
$pdo->exec($sql);
echo "Table 'server_members' created successfully.\n";
// Create channels table
$sql = "
CREATE TABLE IF NOT EXISTS channels (
id INT AUTO_INCREMENT PRIMARY KEY,
server_id INT NOT NULL,
name VARCHAR(100) NOT NULL,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
FOREIGN KEY (server_id) REFERENCES servers(id) ON DELETE CASCADE
);";
$pdo->exec($sql);
echo "Table 'channels' created successfully.\n";
// Create messages table
$sql = "
CREATE TABLE IF NOT EXISTS messages (
id INT AUTO_INCREMENT PRIMARY KEY,
channel_id INT NOT NULL,
user_id INT NOT NULL,
message TEXT NOT NULL,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
FOREIGN KEY (channel_id) REFERENCES channels(id) ON DELETE CASCADE,
FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE
);";
$pdo->exec($sql);
echo "Table 'messages' created successfully.\n";
} catch (PDOException $e) {
die("DB SETUP ERROR: " . $e->getMessage());
}

16
login.php
View File

@ -11,11 +11,11 @@ if (isset($_SESSION['user_id'])) {
$errors = [];
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$username = trim($_POST['username'] ?? '');
$email = trim($_POST['email'] ?? '');
$password = $_POST['password'] ?? '';
if (empty($username)) {
$errors[] = 'Le nom d\'utilisateur est requis.';
if (empty($email)) {
$errors[] = 'L\'adresse e-mail est requise.';
}
if (empty($password)) {
$errors[] = 'Le mot de passe est requis.';
@ -24,8 +24,8 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
if (empty($errors)) {
try {
$pdo = db();
$stmt = $pdo->prepare("SELECT * FROM users WHERE username = ?");
$stmt->execute([$username]);
$stmt = $pdo->prepare("SELECT * FROM users WHERE email = ?");
$stmt->execute([$email]);
$user = $stmt->fetch();
if ($user && password_verify($password, $user['password'])) {
@ -40,7 +40,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
echo '<script>window.location.href = "index.php";</script>';
exit();
} else {
$errors[] = 'Nom d\'utilisateur ou mot de passe incorrect.';
$errors[] = 'Adresse e-mail ou mot de passe incorrect.';
}
} catch (PDOException $e) {
error_log("Login Error: " . $e->getMessage());
@ -75,8 +75,8 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
<?php endif; ?>
<form action="login.php" method="POST" novalidate>
<div class="mb-3">
<label for="username" class="form-label">Nom d'utilisateur</label>
<input type="text" class="form-control" id="username" name="username" required value="<?php echo isset($_POST['username']) ? htmlspecialchars($_POST['username']) : '' ?>">
<label for="email" class="form-label">Adresse e-mail</label>
<input type="email" class="form-control" id="email" name="email" required value="<?php echo isset($_POST['email']) ? htmlspecialchars($_POST['email']) : '' ?>">
</div>
<div class="mb-3">
<label for="password" class="form-label">Mot de passe</label>

63
register.php
View File

@ -8,15 +8,20 @@ $success = '';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$username = trim($_POST['username'] ?? '');
$email = trim($_POST['email'] ?? '');
$password = $_POST['password'] ?? '';
if (empty($username)) {
$errors[] = 'Le nom d\'utilisateur est requis.';
}
if (empty($email)) {
$errors[] = 'L\'adresse e-mail est requise.';
} elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$errors[] = 'L\'adresse e-mail n\'est pas valide.';
}
if (empty($password)) {
$errors[] = 'Le mot de passe est requis.';
}
// Basic password length validation
if (strlen($password) < 8) {
$errors[] = 'Le mot de passe doit contenir au moins 8 caractères.';
}
@ -25,22 +30,25 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
try {
$pdo = db();
// Check if username already exists
$stmt = $pdo->prepare("SELECT COUNT(*) FROM users WHERE username = ?");
$stmt->execute([$username]);
if ($stmt->fetchColumn() > 0) {
$errors[] = 'Ce nom d\'utilisateur est déjà pris.';
} else {
// Generate unique IDs
$simple_id = generateSimpleId();
$ultra_id = generateUltraId();
// Check if username or email already exists
$stmt = $pdo->prepare("SELECT username, email FROM users WHERE username = ? OR email = ?");
$stmt->execute([$username, $email]);
$existing_user = $stmt->fetch();
if ($existing_user) {
if ($existing_user['username'] === $username) {
$errors[] = 'Ce nom d\'utilisateur est déjà pris.';
}
if ($existing_user['email'] === $email) {
$errors[] = 'Cette adresse e-mail est déjà utilisée.';
}
} else {
// Hash password
$hashed_password = password_hash($password, PASSWORD_DEFAULT);
// Insert user
$stmt = $pdo->prepare("INSERT INTO users (username, password, simple_id, ultra_id) VALUES (?, ?, ?, ?)");
$stmt->execute([$username, $hashed_password, $simple_id, $ultra_id]);
$stmt = $pdo->prepare("INSERT INTO users (username, email, password) VALUES (?, ?, ?)");
$stmt->execute([$username, $email, $hashed_password]);
// Get the new user's ID
$user_id = $pdo->lastInsertId();
@ -84,24 +92,21 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
<?php endforeach; ?>
</div>
<?php endif; ?>
<?php if ($success): ?>
<div class="alert alert-success">
<p><?php echo htmlspecialchars($success); ?></p>
<p>Redirection vers la page de connexion...</p>
<form action="register.php" method="POST" novalidate>
<div class="mb-3">
<label for="username" class="form-label">Nom d'utilisateur</label>
<input type="text" class="form-control" id="username" name="username" required value="<?php echo isset($_POST['username']) ? htmlspecialchars($_POST['username']) : '' ?>">
</div>
<?php else: ?>
<form action="register.php" method="POST" novalidate>
<div class="mb-3">
<label for="username" class="form-label">Nom d'utilisateur</label>
<input type="text" class="form-control" id="username" name="username" required value="<?php echo isset($_POST['username']) ? htmlspecialchars($_POST['username']) : '' ?>">
</div>
<div class="mb-3">
<label for="password" class="form-label">Mot de passe</label>
<input type="password" class="form-control" id="password" name="password" required>
</div>
<button type="submit" class="btn btn-primary">S'inscrire</button>
</form>
<?php endif; ?>
<div class="mb-3">
<label for="email" class="form-label">Adresse e-mail</label>
<input type="email" class="form-control" id="email" name="email" required value="<?php echo isset($_POST['email']) ? htmlspecialchars($_POST['email']) : '' ?>">
</div>
<div class="mb-3">
<label for="password" class="form-label">Mot de passe</label>
<input type="password" class="form-control" id="password" name="password" required>
</div>
<button type="submit" class="btn btn-primary">S'inscrire</button>
</form>
</div>
<div class="card-footer text-center">
<a href="login.php">Déjà un compte ? Connectez-vous</a>

19
utils.php
View File

@ -14,4 +14,23 @@ function redirect($url) {
header('Location: ' . $url);
exit();
}
function get_user_by_id($user_id) {
$pdo = db();
$stmt = $pdo->prepare("SELECT * FROM users WHERE id = ?");
$stmt->execute([$user_id]);
return $stmt->fetch(PDO::FETCH_ASSOC);
}
function get_user_servers($user_id) {
$pdo = db();
$stmt = $pdo->prepare("
SELECT s.* FROM servers s
JOIN server_members sm ON s.id = sm.server_id
WHERE sm.user_id = ?
");
$stmt->execute([$user_id]);
return $stmt->fetchAll(PDO::FETCH_ASSOC);
}
?>