<?php
if(!@$_SESSION['session']){
		session_start();
		}
$session=htmlspecialchars(formulaires($_SESSION['session']));
if(!@$_SESSION['session'])
	{
	header('Location:index.php?error=connection');
	return false;
	}
	
$verif=$dbh->query("SELECT * FROM user WHERE session='$session'") or die ('error : '.mysql_error());	//on vérifie si il existe une entrée avec cet identifiant
$verif=$verif->rowCount();
if($verif == 0)
	{
	header('Location:index.php?error=connection');
	session_unset();
	session_destroy();
	return false;
	}

$sql=$dbh->query("SELECT * FROM user WHERE session='$session'") or die ('error : '.mysql_error());
while ($resultat = $sql->fetch(PDO::FETCH_BOTH) )
	{
	$email = $resultat['email'];
	$username = $resultat['username'];
	$id_user = $resultat['id_user'];
	}
?>