prepare("SELECT (ID, username, email, display_name) FROM admins WHERE (username = :username OR email = :username) AND password = :password");
$bdd->bindParam(':username', htmlspecialchars($_POST['username']));
$bdd->bindParam(':password', md5($_POST['password']));
$bdd->execute();
$resultat = $req->fetchAll(PDO::FETCH_ASSOC);
if ($resultat) {
$_SESSION['username'] = $resultat[0]['username'];
$_SESSION['email'] = $resultat[0]['email'];
$_SESSION['display_name'] = $resultat[0]['display_name'];
$_SESSION['userid'] = $resultat[0]['ID'];
}
}
}
?>
<?=$title?>
