Salut,j'utilise MyCMS de Billstrack,je suis inscrit je me suis redirigé vers /profil tout est bien,j'ai déconnécté,je suis reco et tout se bloque dans : Bien joué,connexion en cours -(index)
,tu rafrachi et tu es redirigé enfin vers profil .et si tu réinscrit tout ça marche ,mais dans la connexion sa marche pas,voilà le code du index :
<?PHP
/*
+---------------------------------------------------+
| MyCMS - Release 1 |
+---------------------------------------------------+
| Copyright © 2016 BillsTrack |
+---------------------------------------------------+
| MyCMS est une oeuvre de BillsTrack |
| Merci de respecté les copyright. |
+---------------------------------------------------+
*/
require_once("./functions.php");
$pagename = "Accueil";
$pageid = "index";
if($maintenance == '1'){
header('location: '.$url.'/maintenance/');
exit();
}
if(isset($_SESSION['username']))
{
Redirect("".$url."/profil.php");
}
if(isset($_POST['loginsubmit'])){
if(isset($_GET['do']) && $_GET['do'] == 'connect'){
if(isset($_POST['username']) && isset($_POST['password'])) {
$verif_ban_ip = $bdd->query('SELECT * FROM bans');
$banipreq = $verif_ban_ip->fetch(PDO::FETCH_ASSOC);
$username = Secu($_POST['username']);
$password = MYCMSHash($_POST['password']);
if(empty($username) || empty($password)) {
$erreur = "Merci de remplir les champs vides.";
} else {
$sql = $bdd->prepare("SELECT id FROM users WHERE username = ? AND password = ? LIMIT 1");
$sql->execute(array($username, $password));
$row = $sql->rowCount();
$assoc = $sql->fetch(PDO::FETCH_ASSOC);
if($row < 1)
{
$erreur = "Ton pseudo et/ou ton mot de passe est incorrect.";
}
else
{
if($banipreq['value'] == "{$_SERVER['REMOTE_ADDR']}" AND $banipreq['bantype'] == "ip"){
$erreur = "Vous avez été bannis IP.";
}elseif($banipreq['value'] == "{$username}" OR $banipreq['bantype'] == "user" OR $banipreq['bantype'] == "machine"){
$stamp_expire = $banipreq['expire'];
$expire = date('d/m/Y H:i:s', $banipreq['expire']);
$erreur = "Vous avez été bannis pour la raison suivante: <b>".$banipreq['reason']."</b>, il expire le ".$expire."";
}else{
$success = "Connexion en cours...";
$_SESSION['username'] = $username;
$_SESSION['password'] = $password;
header( "refresh:3;url=".$url."/profil.php" );
}
}
}
}
}
}
//INSCRIPTION
if(isset($_POST['registersubmit'])){
if(isset($_GET['do']) && $_GET['do'] == 'register'){
$pseudo = Secu($_POST['bean_name']);
$email = Secu($_POST['bean_email']);
$motdepasse = Secu($_POST['bean_password']);
$remotdepasse = Secu($_POST['bean_repassword']);
$filtre_pseudo = preg_replace("/[^a-z\d\-=\?!@:\.]/i", "", $pseudo);
$verifmail = preg_match("/^[a-z0-9_\.-]+@([a-z0-9]+([\-]+[a-z0-9]+)*\.)+[a-z]{2,7}$/i", $email);
$selectuser = $bdd->prepare("SELECT id FROM users WHERE username = ? LIMIT 1");
$selectuser->execute(array($pseudo));
$selectuser = $selectuser->rowCount();
if(isset($pseudo) && isset($email) && isset($motdepasse) && isset($remotdepasse) ) {
$errored = false;
if($banipreq['value'] === "{$_SERVER['REMOTE_ADDR']}" AND $banipreq['bantype'] === "ip"){
$erreur = "Vous avez été bannis IP.";
}else{
if($selectuser > 0){
$message = "Ton pseudo est déjà utilisé.";
$errored = true;
} elseif($filtre_pseudo !== $pseudo) {
$message = "Ton pseudo contient des caractères non-autorisé.";
$errored = true;
} elseif(strlen($pseudo) > 24) {
$message = "Ton pseudo est trop long.";
$errored = true;
} elseif(strlen($pseudo) < 1) {
$message = "Merci d'entrer un pseudo.";
$errored = true;
}
if($motdepasse != $remotdepasse) {
$message = "Les mots de passe ne correspondent pas.";
$errored = true;
} elseif(strlen($motdepasse) < 6) {
$message = "Ton mot de passe est trop court.";
$errored = true;
}
if(strlen($email) < 6) {
$message = "Ton adresse e-mail est invalide.";
$errored = true;
} elseif($verifmail !== 1) {
$message = "Ton adresse e-mail est invalide.";
$errored = true;
}
$mdp = MYCMSHash($motdepasse);
if($errored == false) {
$insertusera = $bdd->prepare("INSERT INTO users (username, password, mail, rank, last_online, ip_reg) VALUES (:pseudo, :mdp, :mail, '1', :date, :ip)");
$insertusera->bindValue(':pseudo', $pseudo);
$insertusera->bindValue(':mdp', $mdp);
$insertusera->bindValue(':mail', $email);
$insertusera->bindValue(':date', time());
$insertusera->bindValue(':ip', $_SERVER["REMOTE_ADDR"]);
$insertusera->execute();
$_SESSION['username'] = $pseudo;
$_SESSION['password'] = $mdp;
Redirect(''.$url.'/profil.php');
exit();
}
}
}
}
}
?>
<!DOCTYPE html>
<html lang="fr">
<meta http-equiv="content-type" content="text/html;charset=UTF-8" />
<head>
<meta charset="utf-8"/>
<title><?= $sitename; ?>: <?= $pagename; ?></title>
<link rel="stylesheet" href="<?= $imagepath; ?>css/bootstrap.min.index.css"/>
<link rel='icon' type='image/ico' href='<?= $imagepath; ?>img/favicon.ico'/>
<link href='https://fonts.googleapis.com/css?family=Lato:400,300,100' rel='stylesheet' type='text/css'>
<link href='https://fonts.googleapis.com/css?family=Open+Sans:400,700,600,300,300italic,400italic,600italic,700italic,800,800italic' rel='stylesheet' type='text/css'>
<script src="http://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js"></script>
<link href='https://fonts.googleapis.com/css?family=Ubuntu:400,300,300italic,400italic,500,500italic,700,700italic' rel='stylesheet' type='text/css'>
</head>
<body>
<div class="container" style="margin-top: 40px;">
<br><br><br><br><br><br>
<img src="http://habbofont.com/font/habbo_big_new/<?= $sitename; ?>.gif" class="img-responsive" style="float: left;margin-top: -68px;">
<?PHP if(isset($erreur)){echo "<div class='alert alert-danger'><b>Oops!</b> ".$erreur."</div>"; } ?>
<?PHP if(isset($message)){echo "<div class='alert alert-danger'><b>Oops!</b> ".$message."</div>"; } ?>
<?PHP if(isset($success)){echo "<div class='alert alert-success'><b>Bien joué!</b> ".$success."</div>"; } ?>
<div class="panel panel-default" id="loginBox">
<div class="panel-body">
<div class="row">
<div class="col-md-8">
<div id="people-inside"><b><span><span class="stats-fig" class="img-responsive"><?PHP $tmp = $bdd->query("SELECT users_online FROM server_status LIMIT 1");
$tma = $tmp->fetch(PDO::FETCH_ASSOC);
echo $tma['users_online']; ?></span> <?= $sitename; ?> en-ligne</span></b><i></i></div>
<img src="assets/img/daily.png" class="img-responsive" width="715px"/>
</div>
<div class="col-md-4">
<h3>SE CONNECTER</h3>
<form action="?do=connect" method="post">
<div class="form-group">
<input type="text" class="customField" placeholder="Pseudo" name="username"/>
</div>
<div class="form-group">
<input type="password" class="customField" placeholder="•••••••••" name="password">
</div>
<div class="form-group"> <input type="checkbox" name="log-remember"/> Se souvenir de moi </div>
<div class="form-group"> <input type="submit" class="customGreenButton" name="loginsubmit" value="VALIDER" style="width: 100%"> </div>
<div class="form-group"> <button type="button" class="customRedButton" id="goRegister" style="width: 100%">INSCRIPTION</button> </div>
</form>
</div>
</div>
</div>
</div>
<div class="panel panel-default" id="registerBox" style="display: none">
<div class="panel-body">
<div class="row">
<div class="col-md-8">
<div id="people-inside"><b><span><span class="stats-fig" class="img-responsive"><?PHP $tmp = $bdd->query("SELECT users_online FROM server_status LIMIT 1");
$tma = $tmp->fetch(PDO::FETCH_ASSOC);
echo $tma['users_online']; ?></span> <?= $sitename; ?> en-ligne</span></b><i></i></div>
<img src="assets/img/daily.png" class="img-responsive" width="715px"/>
</div>
<div class="col-md-4">
<h3>S'INSCRIRE</h3>
<form action="?do=register" method="post">
<div class="form-group">
<input type="text" class="customField" placeholder="Pseudo" name="bean_name"/>
</div>
<div class="form-group">
<input type="email" class="customField" placeholder="
[email protected]" name="bean_email"/>
</div>
<div class="form-group">
<input type="password" class="customField" placeholder="•••••••••••••" name="bean_password">
</div>
<div class="form-group">
<input type="password" class="customField" placeholder="•••••••••••••" name="bean_repassword">
</div>
<div class="form-group"> <input type="submit" class="customGreenButton" name="registersubmit" value="VALIDER" style="width: 100%"> </div>
<div class="form-group"> <button type="button" class="customRedButton" id="goBack" style="width: 100%">RETOUR EN ARRIÈRE</button></div>
</form>
</div>
</div>
</div>
</div>
<div class="row">
<div class="col-md-4">
<div class="panel panel-default">
<div class="panel-body">
<div class="subimage1"></div>
<?= $sitename; ?> est un monde virtuel gratuit où vous pouvez discuter, rencontrer plein de personnes. Il est également possible de créer votre propre chambre.
</div>
</div>
</div>
<div class="col-md-4">
<div class="panel panel-default">
<div class="panel-body">
<div class="subimage2"></div>
Sur <?= $sitename; ?> vous pouvez vous faire beaucoup de nouveaux amis, discuter avec eux, jouer au football ou aider à la construction d'une chambre.
</div>
</div>
</div>
<div class="col-md-4">
<div class="panel panel-default">
<div class="panel-body">
<div class="subimage3"></div>
Construisez votre propre chambre, participer aux compétitions, devenez le plus riche de l'hôtel et devenez le plus célèbre.</div>
</div>
</div>
</div>
</div>
<script type="text/javascript" src="assets/js/auth.44226722376.js"></script>
</body>
</html>