<?php session_start(); if (isset($_GET['disconnect'])) { unset($_SESSION['username']); unset($_SESSION['password']); unset($_SESSION['AdminLevel']); session_destroy(); header("location: ./index.php"); } else { if (isset($_SESSION['username']) && isset($_SESSION['password']) && isset($_SESSION['AdminLevel'])) { echo "Bonjour " . $_SESSION['username'] . " vous etes rang : " . $_SESSION['AdminLevel'] . "<br/>"; echo "Liste des modules disponibles: <br/>"; include_once './ModuleLoader.php'; $moduleLoader = new ModuleLoader("./Modules"); $modules = $moduleLoader->getModules(); foreach ($modules as $currentModule) { if ($_SESSION['AdminLevel'] >= $currentModule['requiredAdminLevel']) { //if you have the right to access the module echo '<a href="' . $currentModule['modulePath'] . '">' . $currentModule['moduleName'] . '</a> Required admin level: ' . $currentModule['requiredAdminLevel'] . '<br/>'; } } echo "<br/><br/><a href='./index.php?disconnect'>Se deconnecter</a>"; } else { if (isset($_POST['username']) && isset($_POST['password'])) { try { $bdd = new PDO('mysql:host=localhost;dbname=websiteexample', 'root', ''); $response = $bdd->query('SELECT COUNT(*) FROM users WHERE Username="******" AND Password="******"sha256", $_POST['password']) . '"'); $numberOfAccount = $response->fetch()['COUNT(*)']; if ($numberOfAccount == 1) { //first get username and password from requset