diff options
| author | polo <ordipolo@gmx.fr> | 2025-05-29 12:43:52 +0200 |
|---|---|---|
| committer | polo <ordipolo@gmx.fr> | 2025-05-29 12:43:52 +0200 |
| commit | fa5a9a434f02f16166d1098f8a60f067830720eb (patch) | |
| tree | c96022850f0f9fcbaa340c79d56e5911bd5cf75b /src | |
| parent | 99e990c131b5fa122984a869bea95f3e9074bc7b (diff) | |
| download | cms-fa5a9a434f02f16166d1098f8a60f067830720eb.tar.gz cms-fa5a9a434f02f16166d1098f8a60f067830720eb.tar.bz2 cms-fa5a9a434f02f16166d1098f8a60f067830720eb.zip | |
logs connections failed
Diffstat (limited to 'src')
| -rw-r--r-- | src/controller/password.php | 6 | ||||
| -rw-r--r-- | src/model/entities/Log.php | 6 |
2 files changed, 10 insertions, 2 deletions
diff --git a/src/controller/password.php b/src/controller/password.php index 2189326..5573a33 100644 --- a/src/controller/password.php +++ b/src/controller/password.php | |||
| @@ -165,9 +165,10 @@ function connect(LoginBuilder $builder, EntityManager $entityManager) | |||
| 165 | // enregistrement et redirection | 165 | // enregistrement et redirection |
| 166 | if(!empty($user) && $login === $user->getLogin() && password_verify($password, $user->getPassword())) | 166 | if(!empty($user) && $login === $user->getLogin() && password_verify($password, $user->getPassword())) |
| 167 | { | 167 | { |
| 168 | $log = new Log; | 168 | $log = new Log(true); |
| 169 | $entityManager->persist($log); | 169 | $entityManager->persist($log); |
| 170 | $entityManager->flush(); | 170 | $entityManager->flush(); |
| 171 | |||
| 171 | session_regenerate_id(true); // protection fixation de session, si l'attaquant a créé un cookie de session (attaque XSS), il est remplacé | 172 | session_regenerate_id(true); // protection fixation de session, si l'attaquant a créé un cookie de session (attaque XSS), il est remplacé |
| 172 | //unset($_SESSION['captcha']); | 173 | //unset($_SESSION['captcha']); |
| 173 | $_SESSION['user'] = $login; | 174 | $_SESSION['user'] = $login; |
| @@ -179,6 +180,9 @@ function connect(LoginBuilder $builder, EntityManager $entityManager) | |||
| 179 | } | 180 | } |
| 180 | else | 181 | else |
| 181 | { | 182 | { |
| 183 | $log = new Log(false); | ||
| 184 | $entityManager->persist($log); | ||
| 185 | $entityManager->flush(); | ||
| 182 | $error = 'bad_login_or_password'; | 186 | $error = 'bad_login_or_password'; |
| 183 | } | 187 | } |
| 184 | } | 188 | } |
diff --git a/src/model/entities/Log.php b/src/model/entities/Log.php index 7c2caa9..06a907e 100644 --- a/src/model/entities/Log.php +++ b/src/model/entities/Log.php | |||
| @@ -22,7 +22,11 @@ class Log | |||
| 22 | //#[ORM\Column(type: 'datetime', columnDefinition: "TIMESTAMP DEFAULT CURRENT_TIMESTAMP")] | 22 | //#[ORM\Column(type: 'datetime', columnDefinition: "TIMESTAMP DEFAULT CURRENT_TIMESTAMP")] |
| 23 | private ?\DateTime $date_time ; // le type datetime de doctrine convertit en type \DateTime de PHP | 23 | private ?\DateTime $date_time ; // le type datetime de doctrine convertit en type \DateTime de PHP |
| 24 | 24 | ||
| 25 | public function __construct(){ | 25 | #[ORM\Column(type: "boolean")] |
| 26 | private bool $success; | ||
| 27 | |||
| 28 | public function __construct(bool $success){ | ||
| 26 | $this->date_time = new \DateTime(); | 29 | $this->date_time = new \DateTime(); |
| 30 | $this->success = $success; | ||
| 27 | } | 31 | } |
| 28 | } | 32 | } |