session_start();session_destroy();session_start();$DATABASE_HOST = 'loca

1. session_start();
2. session_destroy();
3. session_start();
4.  
5. $DATABASE_HOST = 'localhost';
6. $DATABASE_USER = 'user';
7. $DATABASE_PASS = 'mdp';
8. $DATABASE_NAME = 'dbname';
9.  
10. $con = mysqli_connect($DATABASE_HOST, $DATABASE_USER, $DATABASE_PASS, $DATABASE_NAME);
11. if ( mysqli_connect_errno() ) {
12.  
13.     die ('Failed to connect to MySQL: ' . mysqli_connect_error());
14. }
15.  
16. if ( !isset($_POST['username'], $_POST['password']) ) {
17.  
18.     die ('Please fill both the username and password field!');
19. }
20.  
21. if ($stmt = $con->prepare('SELECT id, password FROM accounts WHERE username = ?')) {
22.  
23.     $stmt->bind_param('s', $_POST['username']);
24.     $stmt->execute();
25.  
26.     $stmt->store_result();
27.  
28.   if ($stmt->num_rows > 0) {
29.     $stmt->bind_result($id, $password);
30.     $stmt->fetch();
31.  
32.     if (password_verify($_POST['password'], $password)) {
33.  
34.         session_regenerate_id();
35.         $_SESSION['loggedin'] = TRUE;
36.         $_SESSION['name'] = $_POST['username'];
37.         $_SESSION['id'] = $id;
38.         header('Location: option.php');
39.     } else {
40.         echo 'Le mot de passe n\'est pas correcte !';
41.         $_SESSION['erreur'] = 'Le mot de passe n\'est pas correcte !';
42.         header('Location: login.php');
43.     }
44. } else {
45.     echo 'le nom d\'utilisateur n\'est pas correcte !';
46.     $_SESSION['erreur'] = 'le nom d\'utilisateur n\'est pas correcte !';
47.     header('Location: login.php');
48. }
49. $stmt->close();
50. }