<?php session_start(); $bdd = new PDO('mysql:host=localhost;dbname=####', '####', '####'); if(isset($_GET['id']) AND $_GET['id'] > 0 AND isset($_SESSION['id']) AND $_SESSION['id'] > 0) { $getid = intval($_GET['id']); $requser = $bdd->prepare('SELECT * FROM membres WHERE id = '.$getid); $requser->execute(array($getid)); $userinfo = $requser->fetch(); header("Location: ..\indexauth.php"); } else { if(isset($_POST['formconnexion'])) { $pseudoconnect = htmlspecialchars($_POST['pseudoconnect']); $mdpconnect = sha1($_POST['mdpconnect']); if(!empty($pseudoconnect) AND !empty($mdpconnect)) { $requser = $bdd->prepare("SELECT * FROM membres WHERE pseudo = ? AND motdepasse = ?"); $requser->execute(array($pseudoconnect, $mdpconnect)); $userexist = $requser->rowCount(); if($userexist == 1) { $userinfo = $requser->fetch(); $_SESSION['id'] = $userinfo['id']; $_SESSION['pseudo'] = $userinfo['pseudo']; header("Location: ..\indexauth.php"); } else { $erreur = "Votre identifiant ou votre mot de passe est incorrect !"; } } else { $erreur = "Votre identifiant ou votre mot de passe est incorrect !"; } } } ?>