site-accueil-insa/admin/index.php

<?php
$page = "index";
include "script.php";
if(isset($_POST['login'])) {
    if (!empty($_POST['pseudo']) and !empty($_POST['password'])) {
        $pseudo = htmlspecialchars($_POST['pseudo']);
        $password = htmlspecialchars($_POST['password']);

        $req = $db->prepare("SELECT id, mdp FROM admin WHERE pseudo = ?");
        $req->execute(array($pseudo));
        $user_exist = $req->rowcount();
        if ($user_exist == 1) {
            while ($user_login = $req->fetch()) {
                $passwd = $user_login['mdp'];
                if ((password_verify($password, $passwd)) == 1) {
                	$_SESSION['id'] = $user_login['id'];
                	header('Refresh:0');
                } else {
                    $error = "Mot de passe invalide !";
                }
            }
        } else {
            $error = "Identifiant invalide !";
        }
    } else {
        $error = "Tout les champs doivent être complétés";
    }
}
?>
<!DOCTYPE html>
<html>
<head>
	<meta charset="utf-8">
	<meta name="viewport" content="width=device-width, initial-scale=1">
	<title>Admin / index</title>
</head>
<body>
    <main>
    <?php
    if(isset($_SESSION['id'])) {
        echo "Connecté sous l'identifiant : ".$user['pseudo'];
        echo "<br><br>Accès : ";
        switch ($user['perm']) {
        case 0:
            echo "<font color='green'>GDA</font>";
            break;
        case 1:
            echo "<font color='orange'>Bureau</font>";
            break;
        case 2:
            echo "<font color='red'>Admin</font>";
            break;
        }
    } else {
    ?>
	<form method="POST">
		<input type="text" placeholder="Identifiant" name="pseudo" class="input">
		<input type="password" placeholder="mot de passe" name="password" class="input">
		<input type="submit" name="login" value="Se connecter" class="submit">
	</form>
	<?php
    }
	if(isset($error)) {
		echo "<font color='red'>".$error."</font>";
	}
	?>
    </main>
</body>
</html>