From fa5a9a434f02f16166d1098f8a60f067830720eb Mon Sep 17 00:00:00 2001
From: polo
Date: Thu, 29 May 2025 12:43:52 +0200
Subject: logs connections failed
---
 src/controller/password.php | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
(limited to 'src/controller/password.php')
diff --git a/src/controller/password.php b/src/controller/password.php
index 2189326..5573a33 100644
--- a/src/controller/password.php
+++ b/src/controller/password.php
@@ -165,9 +165,10 @@ function connect(LoginBuilder $builder, EntityManager $entityManager)
 // enregistrement et redirection
 if(!empty($user) && $login === $user->getLogin() && password_verify($password, $user->getPassword()))
 {
- $log = new Log;
+ $log = new Log(true);
 $entityManager->persist($log);
 $entityManager->flush();
+ session_regenerate_id(true); // protection fixation de session, si l'attaquant a créé un cookie de session (attaque XSS), il est remplacé
 //unset($_SESSION['captcha']);
 $_SESSION['user'] = $login;
@@ -179,6 +180,9 @@ function connect(LoginBuilder $builder, EntityManager $entityManager)
 }
 else
 {
+ $log = new Log(false);
+ $entityManager->persist($log);
+ $entityManager->flush();
 $error = 'bad_login_or_password';
 }
 }
--
cgit v1.2.3
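Review bot: `new Log(true)` in the first hunk and `new Log(false)` in the second hand the entity nothing but the outcome, so unless the Log constructor (outside this diff) records the attempted login and the client address itself, the rows cannot be grouped by account or source when someone reviews failed connections. If it does not, extend the entity so the call becomes something like `new Log(false, $login, $_SERVER['REMOTE_ADDR'] ?? null)` (a proposed signature, not the current one). Keep the submitted password out of it, and bound the length of `$login` before storing it, since it is attacker-supplied and will be rendered wherever the logs are viewed. The persist/flush sequence is now duplicated in both branches; computing the result once and logging after the `if`/`else` would keep the two from drifting. connect() begins and ends outside both hunks.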
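Review bot: In the second hunk the `else` branch now runs `persist()` and `flush()` for every rejected submission, and nothing visible limits how often an unauthenticated client can reach it, so a password-guessing run also becomes an unbounded stream of database writes. The commented-out `//unset($_SESSION['captcha']);` in the first hunk suggests a captcha exists, but its check is outside the visible lines; confirm it runs before this branch, or add a per-login and per-address attempt limit that reads these Log rows. Separately, if `flush()` throws here, `$error = 'bad_login_or_password';` is never reached. Guarding the audit write with `try { ... } catch (\Throwable $e) { error_log($e->getMessage()); }` would keep the generic failure response intact when the log table is unavailable.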