= 3 && $_SESSION['login_time'] !== null) {
$temps_ecoule = time() - $_SESSION['login_time'];
if ($temps_ecoule < 300) {
$bloque = true;
$reste = 300 - $temps_ecoule;
$message = "Trop de tentatives. Réessayez dans " . ceil($reste / 60) . " minute(s).";
} else {
$_SESSION['login_attempts'] = 0;
$_SESSION['login_time'] = null;
}
}
if (isset($_GET['registered'])) {
$success = "Compte créé avec succès ! En attente de validation par l'administrateur.";
}
if (!$bloque && $_SERVER['REQUEST_METHOD'] === 'POST') {
$username = trim($_POST['username']);
$password = trim($_POST['password']);
if (isset($users[$username]) && password_verify($password, $users[$username]['password'])) {
$_SESSION['login_attempts'] = 0;
$_SESSION['login_time'] = null;
$_SESSION['user'] = $username;
$_SESSION['role'] = $users[$username]['role'];
$_SESSION['last_activity'] = time();
session_regenerate_id(true);
header("Location: dashboard.php");
exit();
} else {
$_SESSION['login_attempts']++;
$_SESSION['login_time'] = time();
$restants = 3 - $_SESSION['login_attempts'];
if ($restants > 0) {
$message = "Identifiants incorrects. Il vous reste $restants essai(s).";
} else {
$message = "Trop de tentatives. Réessayez dans 5 minutes.";
}
}
}
include 'include/header.php';
?>