Commit 48fb7168a8b9625da8ea0a9ac694de1d96735a14
1 parent
d1991cf1
api/deconnexion
Showing
3 changed files
with
41 additions
and
2 deletions
Show diff stats
api/commun.php
| ... | ... | @@ -30,7 +30,22 @@ function donne($parametre) { // Vérifie si le paramètre est donné |
| 30 | 30 | } |
| 31 | 31 | } |
| 32 | 32 | |
| 33 | -mysqli_report(MYSQLI_REPORT_ALL); | |
| 33 | +function verifierJeton($jeton) { | |
| 34 | + global $db, $login, $droit; | |
| 35 | + $requete = $db->prepare("SELECT Utilisateurs.login, Utilisateurs.droit FROM Utilisateurs JOIN Sessions ON Utilisateurs.login=Sessions.utilisateur WHERE Sessions.jeton=?"); | |
| 36 | + $requete->bind_param("s", $jeton); | |
| 37 | + $requete->execute(); | |
| 38 | + $requete->bind_result($login, $droit); | |
| 39 | + if (!$requete->fetch()) { | |
| 40 | + retour("jeton_invalide"); | |
| 41 | + } | |
| 42 | + $requete->close(); | |
| 43 | +} | |
| 44 | + | |
| 45 | +// Variables globales | |
| 46 | + | |
| 47 | +$login = ""; | |
| 48 | +$droit = 0; | |
| 34 | 49 | |
| 35 | 50 | // Connexion à la base de donnée |
| 36 | 51 | $db = new mysqli(DB_HOST, DB_USER, DB_PASS, DB_NAME); |
| ... | ... | @@ -45,4 +60,5 @@ if (!defined("CRYPT_BLOWFISH") || !CRYPT_BLOWFISH) { |
| 45 | 60 | } |
| 46 | 61 | |
| 47 | 62 | |
| 63 | + | |
| 48 | 64 | ?> | ... | ... |
api/connexion.php renamed to api/utilisateur/connexion.php
| ... | ... | @@ -0,0 +1,23 @@ |
| 1 | +<?php | |
| 2 | + | |
| 3 | +require_once("../commun.php"); | |
| 4 | + | |
| 5 | + | |
| 6 | +// Vérification des paramètres | |
| 7 | + | |
| 8 | +if (!donne("jeton")) { | |
| 9 | + retour("requete_malformee"); | |
| 10 | +} | |
| 11 | + | |
| 12 | +verifierJeton(donne("jeton")); | |
| 13 | + | |
| 14 | +$jeton = donne("jeton"); | |
| 15 | + | |
| 16 | +$requete = $db->prepare("DELETE FROM Sessions WHERE jeton=?"); | |
| 17 | +$requete->bind_param("s", $jeton); | |
| 18 | +$requete->execute(); | |
| 19 | +$requete->close(); | |
| 20 | + | |
| 21 | +retour("ok"); | |
| 22 | + | |
| 23 | +?> | ... | ... |