<form action="login.php" method="POST"> //input login and password

1. <form action="login.php" method="POST">
2. //input login and password
3. </form>
4.  
5. <?php
6.  
7. @session_start();
8.  
9. if ($_POST['url'] == '')
10. {
11. $url = "index.php";
12. }
13. else
14. {
15. $url = $_POST['url'];
16. }
17.  
18. $login = $_POST['login'];
19. $password = $_POST['password'];
20. $password_hash = hash('sha256', $password);
21.  
22. try
23. {
24. $connexion = new PDO('mysql:host=localhost;dbname=data1', 'data1', 'password');
25. $sql_auth = "
26. SELECT *
27. FROM users_list
28. WHERE
29. login= :login AND password= :password
30. LIMIT 1
31. ";
32.  
33. $req_login = $connexion -> prepare("$sql_auth");
34. $req_login -> bindParam(":login", $login, PDO::PARAM_STR);
35. $req_login -> bindParam(":password", $password_hash, PDO::PARAM_STR);
36. $req_login -> execute();
37. $data = $req_login -> fetch();
38.  
39. }
40. catch(Exception $e)
41. {
42. die('Erreur : ' . $e -> getMessage());
43. }
44.  
45. if (!$data)
46. {
47. header("Location: authentication.php");
48. exit;
49.  
50. }
51.  
52. else
53. {
54.  
55. $_SESSION['id_user'] = $data_login['id'];
56. $_SESSION['login'] = $data_login['login'];
57. $_SESSION['first_name'] = $data_login['name'];
58. $_SESSION['id'] = $data_login['id'];
59. $_SESSION['status'] = $data_login['status'];
60. $_SESSION['logged'] = true;
61.  
62. $req_conn = $connexion -> prepare("SELECT id_user FROM connexion_user WHERE id_user='".$_SESSION['id']."'");
63. $req_conn -> execute();
64. $data_query = $req_conn -> fetch();
65.  
66. if (!$data_query)
67. {
68. $insert_connexion = $connexion -> prepare ("INSERT INTO connexion_user(id_user, last_connexion, count) VALUES('".$_SESSION['id']."',NOW(), 1)");
69. $insert_connexion -> execute();
70. }
71. else
72. {
73. $update_connexion = $connexion -> prepare ("UPDATE connexion_user SET last_connexion=NOW(), count=count+1 WHERE id_user='".$_SESSION['id']."'");
74. $update_connexion -> execute();
75. }
76.  
77. header("Location: $url");
78. exit ;
79.  
80. <?php
81.  
82. session_start();
83.  
84. $_SESSION = array();
85.  
86. if (ini_get("session.use_cookies")) {
87.  
88. $params = session_get_cookie_params();
89.  
90. setcookie(session_name(), '', time() - 42000,
91.  
92. $params["path"], $params["domain"],
93.  
94. $params["secure"], $params["httponly"]
95.  
96. );
97.  
98. }
99.  
100. session_destroy();
101.  
102. header("Location: authentication.php");
103.  
104. exit;
105.  
106. ?>