Untitled

<?php
/*
+---------------------------------------------------+
| MyCMS - Release 1									|
+---------------------------------------------------+
| Copyright © 2016 BillsTrack						|
+---------------------------------------------------+
| MyCMS est une oeuvre de BillsTrack				|
| Merci de respecté les copyright.					|
+---------------------------------------------------+
*/

require_once "../functions.php";

if(isset($_SESSION['username']))
	{
		Redirect("".$url."/managements/index.php");
	}

if(isset($_POST['loginsubmit'])){
	if(isset($_GET['do']) && $_GET['do'] == 'connect'){
				if(isset($_POST['username']) && isset($_POST['password'])) {
						$username = Secu($_POST['username']);
						$password = MYCMSHash($_POST['password']);
							if(empty($username) || empty($password)) {
										$erreur = "<font color='red'>Merci de remplir les champs vides.</font>";
				            } else {
										$sql = $bdd->prepare("SELECT id FROM users WHERE username = ? AND password = ? LIMIT 1");
										$sql->execute(array($username,$password));
										$row = $sql->rowCount();
										$assoc = $sql->fetch(PDO::FETCH_ASSOC);

							if($row < 1)
									{
										$erreur = "<font color='red'>Ton pseudo et/ou ton mot de passe est incorrect.</font>";
									}
							else
									{
										if($assoc['rank'] <= 4){
											$erreur = "<font color='red'>Vous devez être membre du staff pour pouvoir acceder à l'administration.</font>";
										}else{

									$success = "<font color='green'>Connexion en cours...</font>";
									$_SESSION['username'] = $username;
									$_SESSION['password'] = $password;
									header( "refresh:3;url=".$url."/managements/" );

									}
							}}

						}
					}
				}
?>
<!DOCTYPE html>
<html >
  <head>
    <meta charset="UTF-8">
    <title>Administration</title>
        <link rel="stylesheet" href="css/style2.css">
		<link rel="shortcut icon" href="../assets/img/favicon.ico" type="image/x-icon">
  </head>

  <body>

    <body class="align">

  <div class="site__container">

    <div class="grid__container">
<center><img src='http://habbofont.com/font/habbo_big_new/<?= $sitename; ?>.gif'></center><br>
	  <?php if(isset($erreur)){ echo $erreur; } ?>
	  <?php if(isset($success)){ echo $success; } ?>

      <form action="?do=connect" method="post" class="form form--login">
<p>Vous devez être un administrateur pour pouvoir vous connecter.</p>
        <div class="form__field">
          <label class="fontawesome-user" for="login__username"><span class="hidden">Pseudo</span></label>
          <input name="username" type="text" class="form__input" placeholder="Pseudo" required>
        </div>

        <div class="form__field">
          <label class="fontawesome-lock" for="login__password"><span class="hidden">Mot de passe</span></label>
          <input name="password" type="password" class="form__input" placeholder="Mot de passe" required>
        </div>

        <div class="form__field">
          <input type="submit" name="loginsubmit" value="Se connecter">
        </div>

      </form>


    </div>

  </div>

</body>


  </body>
</html>