From 72111d3f417f5629390cfaa68f914024a82cb44f Mon Sep 17 00:00:00 2001 From: polo Date: Tue, 1 Apr 2025 00:26:01 +0200 Subject: =?UTF-8?q?bug=20redirection=20=C3=A0=20la=20connexion=20quand=20m?= =?UTF-8?q?auvais=20login?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/controller/password.php | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) diff --git a/src/controller/password.php b/src/controller/password.php index d5e66ff..47db637 100644 --- a/src/controller/password.php +++ b/src/controller/password.php @@ -159,7 +159,7 @@ function connect(LoginBuilder $builder, EntityManager $entityManager) $user = getUser($login, $entityManager); // enregistrement et redirection - if(password_verify($password, $user->getPassword())) + if(!empty($user) && $login === $user->getLogin() && password_verify($password, $user->getPassword())) { session_start(); $_SESSION['user'] = $login; @@ -286,18 +286,14 @@ function changePassword(EntityManager $entityManager) } -function getUser(string $login, EntityManager $entityManager): User +function getUser(string $login, EntityManager $entityManager): ?User { $users = $entityManager->getRepository('App\Entity\User')->findBy(['login' => $login]); - // détection d'un abus if(count($users) === 0) { $_SESSION['user'] = ''; $_SESSION['admin'] = false; - - header('Location: index.php'); // page création d'un mot de passe à l'attérissage - die; } foreach($users as $user) @@ -307,8 +303,7 @@ function getUser(string $login, EntityManager $entityManager): User return $user; } } - header('Location: ' . new URL); - die; + return null; } -- cgit v1.2.3