fix password problem
This commit is contained in:
+23
-18
@@ -1,5 +1,5 @@
|
||||
|
||||
|
||||
const hashedAdminPassword = "7215d31f702fe2faf2a7df114c6427007bd254740c6b9cbaa2a5505060088929";
|
||||
|
||||
async function SqlRequest(action, params = {}) {
|
||||
try {
|
||||
@@ -92,23 +92,28 @@ async function joinGameAsAdmin(gameId) {
|
||||
// Récupérer le formulaire de admin-login
|
||||
const adminLoginForm = document.getElementById('admin-login-form');
|
||||
|
||||
if (adminLoginForm) {
|
||||
adminLoginForm.addEventListener('submit', async function(event) {
|
||||
event.preventDefault();
|
||||
const password = document.getElementById('admin-password').value;
|
||||
const urlParams = new URLSearchParams(window.location.search);
|
||||
const gameId = urlParams.get('game_id');
|
||||
const response = await SqlRequest('adminLogin', {
|
||||
password: password,
|
||||
game_id: gameId
|
||||
});
|
||||
adminLoginForm.addEventListener('submit', async function(event) {
|
||||
event.preventDefault();
|
||||
// Désactiver le bouton pour éviter les soumissions multiples
|
||||
const password = this.querySelector('input[type="password"]').value;
|
||||
const urlParams = new URLSearchParams(window.location.search);
|
||||
const gameId = urlParams.get('game_id');
|
||||
// Vérification du mot de passe
|
||||
const hashedInputPassword = CryptoJS.SHA256(password).toString();
|
||||
|
||||
if (response.success) {
|
||||
window.location.href = `admin-game.html?game_id=${gameId}`;
|
||||
} else {
|
||||
alert("Identifiants incorrects. Veuillez réessayer.");
|
||||
}
|
||||
});
|
||||
}
|
||||
if (hashedInputPassword !== hashedAdminPassword) {
|
||||
alert("Mot de passe incorrect. Veuillez réessayer.");
|
||||
return;
|
||||
}
|
||||
|
||||
// Requete SQL pour définir l'utilisateur comme admin du jeu
|
||||
const response = await SqlRequest('adminLogin', {game_id: gameId});
|
||||
|
||||
if (response.success) {
|
||||
window.location.href = `admin-game.html?game_id=${gameId}`; // Redirige vers la page d'administration du jeu
|
||||
} else {
|
||||
alert("Erreur lors de la connexion. Veuillez réessayer."); // Affiche une alerte en cas d'erreur
|
||||
}
|
||||
});
|
||||
|
||||
|
||||
|
||||
@@ -227,17 +227,15 @@ switch ($action) {
|
||||
break;
|
||||
|
||||
case 'adminLogin':
|
||||
$stmt = $pdo->prepare("SELECT * FROM admins WHERE game_id = ? AND password = ?");
|
||||
$stmt->execute([$params['game_id'], $params['password']]);
|
||||
$admin = $stmt->fetch(PDO::FETCH_ASSOC);
|
||||
if ($admin) {
|
||||
$response = ['success' => true];
|
||||
session_start();
|
||||
$_SESSION['admin_logged_in'] = true;
|
||||
$_SESSION['game_id'] = $params['game_id'];
|
||||
} else {
|
||||
$response = ['error' => 'Mot de passe incorrect'];
|
||||
// On vérifie si l'utilisateur est déjà admin
|
||||
session_start();
|
||||
if (isset($_SESSION['admin_logged_in']) && $_SESSION['admin_logged_in'] === true) {
|
||||
$response = ['success' => true, 'message' => 'Déjà connecté en tant qu\'admin'];
|
||||
break;
|
||||
}
|
||||
// On dit que l'utilisateur est admin
|
||||
$_SESSION['admin_logged_in'] = true;
|
||||
$response = ['success' => true, 'message' => 'Connexion admin réussie'];
|
||||
break;
|
||||
|
||||
case 'is_admin':
|
||||
|
||||
@@ -5,7 +5,7 @@
|
||||
</head>
|
||||
<body>
|
||||
<h1>Admin Login</h1>
|
||||
<form id="adminLoginForm">
|
||||
<form id="admin-login-form">
|
||||
<label for="adminPassword">Mot de passe administrateur :</label>
|
||||
<input type="password" id="adminPassword" name="adminPassword" required>
|
||||
<br><br>
|
||||
|
||||
Reference in New Issue
Block a user