From 0324f4f9df957ed3864cf804fe7146148cac29a1 Mon Sep 17 00:00:00 2001
From: enzo <enzo.lopez-toscano@lasallesaintdenis.com>
Date: Sat, 25 Oct 2025 16:18:01 +0200
Subject: [PATCH] amelioration

---
 pass_hash                          | 26 --------------------------
 php/pass_hash.php                  | 24 ++++++++++++++++++++++++
 pass_verify => php/pass_verify.php | 14 ++++++--------
 php/pdo.php                        | 14 ++++++++++++++
 sql tables => sql/tables.sql       |  5 ++++-
 5 files changed, 48 insertions(+), 35 deletions(-)
 delete mode 100644 pass_hash
 create mode 100644 php/pass_hash.php
 rename pass_verify => php/pass_verify.php (63%)
 create mode 100644 php/pdo.php
 rename sql tables => sql/tables.sql (66%)

diff --git a/pass_hash b/pass_hash
deleted file mode 100644
index 1597834..0000000
--- a/pass_hash
+++ /dev/null
@@ -1,26 +0,0 @@
-<?php
-$serveur = "localhost";
-$dbname = "my_sql_projet";
-$user = "root";
-$pass = "";
-
-$login = "test";
-$password_clair = "Ciel2025$";
-
-$password_hash = password_hash($password_clair, PASSWORD_DEFAULT);
-
-try {
-    $pdo = new PDO("mysql:host=$serveur;dbname=$dbname", $user, $pass);
-    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
-
-    $sql = "INSERT INTO utilisateur (login, password) VALUES (?, ?)";
-    $stmt = $pdo->prepare($sql);
-    
-    $stmt->execute([$login, $password_hash]);
-
-    print "Utilisateur '$login' créé avec succès !";
-
-} catch (PDOException $e) {
-    print "Erreur d'insertion : " . $e->getMessage();
-}
-?>
\ No newline at end of file
diff --git a/php/pass_hash.php b/php/pass_hash.php
new file mode 100644
index 0000000..1255cde
--- /dev/null
+++ b/php/pass_hash.php
@@ -0,0 +1,24 @@
+<?php
+require_once 'pdo.php';
+
+$login = "utilisateur";
+$password_clair = "Ciel2025$";
+
+$password_hash = password_hash($password_clair, PASSWORD_DEFAULT);
+
+try {
+    $sql = "INSERT INTO utilisateur (login, password) VALUES (?, ?)";
+    $stmt = $pdo->prepare($sql);
+    
+    $stmt->execute([$login, $password_hash]);
+
+    print "$login créé avec succès !";
+
+} catch (PDOException $e) {
+    
+    if ($e->errorInfo[1] == 1062) {
+        print "Nom d’utilisateur déjà utilisé. Merci de changer.";
+    } else {
+        print "Erreur d'insertion : " . $e->getMessage();
+    }
+}
\ No newline at end of file
diff --git a/pass_verify b/php/pass_verify.php
similarity index 63%
rename from pass_verify
rename to php/pass_verify.php
index 2db59bd..9205e8a 100644
--- a/pass_verify
+++ b/php/pass_verify.php
@@ -1,16 +1,10 @@
 <?php
-$serveur = "localhost";
-$dbname = "my_sql_projet";
-$user = "root";
-$pass = "";
+require_once 'pdo.php';
 
 $login_saisi = "test";
 $password_saisi = "Ciel2025$";
 
 try {
-    $pdo = new PDO("mysql:host=$serveur;dbname=$dbname", $user, $pass);
-    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
-
     $sql = "SELECT * FROM utilisateur WHERE login = ?";
     $stmt = $pdo->prepare($sql);
     $stmt->execute([$login_saisi]);
@@ -19,7 +13,11 @@ try {
 
     if ($utilisateur && password_verify($password_saisi, $utilisateur['password'])) {
         
-        print "Connexion réussie ! Bienvenue, " . $utilisateur['login'];
+        session_start();
+        $_SESSION['user_id'] = $utilisateur['id'];
+        $_SESSION['user_login'] = $utilisateur['login'];
+        
+        print "Bienvenue, " . htmlspecialchars($utilisateur['login']);
 
     } else {
         print "Login ou mot de passe incorrect.";
diff --git a/php/pdo.php b/php/pdo.php
new file mode 100644
index 0000000..f18319a
--- /dev/null
+++ b/php/pdo.php
@@ -0,0 +1,14 @@
+<?php
+$serveur = "localhost";
+$dbname = "my_sql_projet";
+$user = "root";
+$pass = "root"; 
+
+try {
+    $pdo = new PDO("mysql:host=$serveur;dbname=$dbname", $user, $pass);
+    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+} catch (PDOException $e) {
+    print "Erreur de connexion à la BDD : " . $e->getMessage();
+    die(); 
+}
+?>
\ No newline at end of file
diff --git a/sql tables b/sql/tables.sql
similarity index 66%
rename from sql tables
rename to sql/tables.sql
index 84d37b1..7b0a077 100644
--- a/sql tables	
+++ b/sql/tables.sql
@@ -9,4 +9,7 @@ CREATE TABLE utilisateur (
     id INT AUTO_INCREMENT PRIMARY KEY,
     login VARCHAR(50) UNIQUE,
     password VARCHAR(255)
-); 
\ No newline at end of file
+); 
+
+INSERT INTO utilisateur (login, password) 
+VALUES ('admin', '$2y$10$6x.tcoBWiyaFYlS6zB4E3OQppSP6agShnCA4eX0OPYD.7acI7/4wu');
\ No newline at end of file