prepare($sqlRequest);
$request->bindParam(":username", htmlspecialchars($_POST['username']));
$request->bindParam(":password", md5($_POST['password']));
$request->execute();
$result = $request->fetchAll(PDO::FETCH_ASSOC);
if ($result) {
$_SESSION['userID'] = $result[0]['ID'];
$_SESSION['userName'] = $result[0]['username'];
$_SESSION['userDisplayName'] = $result[0]['display_name'];
$_SESSION['userLevel'] = $result[0]['level'];
$_SESSION['userAccreditation'] = $result[0]['accreditation'];
$redirectPage = isset($_GET['p']) ? $_GET['p'] : "";
header('Location: /' . $redirectPage);
exit("Login success");
} else {
$status = 'Identifiants incorrects';
}
} else {
$status = 'Caractères illégaux';
}
} else {
$status = 'Les champs ne doivent pas être vides';
}
}
?>