diff --git a/Dashboard.php b/Dashboard.php
index 52e2574..1199ce8 100755
--- a/Dashboard.php
+++ b/Dashboard.php
@@ -1,4 +1,9 @@
-<?php session_start(); ?>
+<?php session_start(); 
+require('autoloader.php');
+if(!Authentification::checkUser(0)){
+    header("Location: http://".$_SERVER['HTTP_HOST']."/index.php");
+    die();
+};?>
 
 <!DOCTYPE html>
 <html>
@@ -52,4 +57,4 @@
 	
 
 	</body>
-</html>
\ No newline at end of file
+</html>
diff --git a/Docs/BDD.sql b/Docs/BDD.sql
index ac9320d..966eaff 100755
--- a/Docs/BDD.sql
+++ b/Docs/BDD.sql
@@ -46,7 +46,7 @@ CREATE TABLE IF NOT EXISTS `Patient` (
   `Adresse` varchar(255) NOT NULL,
   `Adresse 2` varchar(255) DEFAULT NULL,
   `Ville` varchar(50) NOT NULL,
-  `CodePostal` varchar(4) NOT NULL,
+  `CodePostal` varchar(5) NOT NULL,
   `DateNaissance` date NOT NULL,
   `LieuNaissance` varchar(50) NOT NULL,
   `NumSecuriteSociale` varchar(15) NOT NULL,
diff --git a/index.php b/index.php
index c07c582..7feb6de 100755
--- a/index.php
+++ b/index.php
@@ -29,30 +29,14 @@ if(Authentification::checkUser(0)){
 		<meta name='author' value='{xdrm} & SeekDaSky'/>
 
 
-		<link rel='stylesheet' href='globalstylesheet.css'/>
+		<link rel='stylesheet' href='css/login.css'/>
 	</head>
 	<body>
 
 
-	<?php /* [1] AFFICHAGE DIFFÉRÉ SI CONNECTÉ
-	==============================================*/
+	<?php 
 
 	echo "<form action='#auth' method='POST'>";
-
-		/* AFFICHAGE D'ERREURS */
-		if( $postVariablesAreSet ){ // si formulaire soumis
-			if( !$postVariablesNEmpty )
-				echo '<span class=error>Certains champs requis sont vides.</span>';
-			elseif( !$usernameCheck )
-				echo '<span class=error>Nom d\'utilisateur incorrect. (3 car. min)</span>';
-			elseif( !$mailCheck )
-				echo '<span class=error>Adresse mail incorrecte.</span>';
-			elseif( !$passwordCheck )
-				echo '<span class=error>Mot de passe incorrect. (8 car. min)</span>';
-			elseif( connected($user) )
-				echo '<span class=success>Vous êtes connectés.</span>';
-		}
-
 		echo "<input type='text' name='username' placeholder='username'>";
 		echo "<input type='password' name='password' placeholder='password'>";
 		echo "<input type='submit' name='co' value='Me connecter'>";
@@ -62,4 +46,4 @@ if(Authentification::checkUser(0)){
 
 
 	</body>
-</html>
\ No newline at end of file
+</html>
diff --git a/repositories/StaticRepo.php b/repositories/StaticRepo.php
index e42f1fe..2855736 100755
--- a/repositories/StaticRepo.php
+++ b/repositories/StaticRepo.php
@@ -43,6 +43,9 @@ class StaticRepo{
     *
     */
     public static function delNumeric($fetchData, $oneDimension=false){
+	
+	// cas où fetch renvoie FALSE
+	if( $fetchData === false ) return false;
 
         /* [1] 2 dimensions
         ===============================================*/
diff --git a/repositories/repos/MedecinRepo.php b/repositories/repos/MedecinRepo.php
index 4545fda..337753c 100755
--- a/repositories/repos/MedecinRepo.php
+++ b/repositories/repos/MedecinRepo.php
@@ -22,19 +22,35 @@ class MedecinRepo
     }
 
     public function add($civilite,$prenom,$nom){
-
+	$req = $this->connexion->prepare('INSERT INTO Medecin VALUES (DEFAULT,:civilite,:prenom,:nom)');
+        $result = $req->execute(['civilite' => $civilite,
+		                'nom' => $nom,
+		                'prenom' => $prenom));
+	if($result){return ['id' => $this->connexion->lastInsertId()];}
+	else{return false;}
     }
 
-    public function delete($idPatient){
-
+    public function delete($idMedecin){
+	$req = $this->connexion->prepare('DELETE FROM Medecin WHERE Id = :id');
+	return $req->execute(['id' => $idMedecin]);
     }
 
     public function search($nom,$prenom){
+	$req = $this->connexion->prepare('SELECT * FROM Medecin WHERE Nom LIKE :nom AND Prenom LIKE :prenom');
+	$req->execute(['nom' => $nom,
+		       'prenom' => $prenom]);
 
+	return StaticRepo::delNumeric($req->fetchAll());
     }
 
     public function getPatients($idMedecin){
 
+	$req = $this->connexion->prepare('SELECT Patient.* FROM Patient,Medecin
+					WHERE Medecin.Id = :id
+					AND Medecin.Id = Patient.MedecinTraitant');
+
+	$req->execute(['id' => $idMedecin]);
+	return StaticRepo::delNumeric($req->fetchAll());
     }
 
-}
\ No newline at end of file
+}
diff --git a/repositories/repos/PatientRepo.php b/repositories/repos/PatientRepo.php
index caa6dd4..71cb119 100755
--- a/repositories/repos/PatientRepo.php
+++ b/repositories/repos/PatientRepo.php
@@ -17,14 +17,14 @@ class PatientRepo
     public function getById($id){
         $req = $this->connexion->prepare('SELECT * FROM Patient WHERE Id = :id');
         $req->execute(['id' => $id]);
-        return $req->fetchAll();
+	return StaticRepo::delNumeric( $req->fetch(), true );
 
     }
 
     public function add($civilite,$prenom,$nom,$adresse,$ville,$codePostal,$dateNaissance,$lieuNaissance,$numSecu,$medecinTraitant = null){
 
         $req = $this->connexion->prepare('INSERT INTO Patient VALUES (:civilite,:nom,:prenom,:adresse,:ville,:codePostal,:dateNaissance,:lieuNaissance,:numSecu,DEFAULT,:medecin)');
-        $req->execute(['civilite' => $civilite,
+        $result = $req->execute(['civilite' => $civilite,
                         'nom' => $nom,
                         'prenom' => $prenom,
                         'adresse' => $adresse,
@@ -34,19 +34,34 @@ class PatientRepo
                         'lieuNaissance' => $lieuNaissance,
                         'numSecu' => $numSecu,
                         'medecin' => $medecinTraitant ]);
+	if($result){return ['id' => $this->connexion->lastInsertId()];}
+	else{return false;}
 
     }
 
     public function delete($idPatient){
 
+	$req = $this->connexion->prepare('DELETE FROM Patient WHERE Id = :id');
+	return $req->execute(['id' => $idPatient]);
+
     }
 
-    public function updateMedecinTraitant($idPatient,$IdMedecin){
+    public function updateMedecinTraitant($idPatient,$idMedecin){
+
+	$req = $this->connexion->prepare('UPDATE Patient SET MedecinTraitant = :medecin WHERE Id = :id');
+	return $req->execute['medecin' => $idMedecin,
+		      'id' => $idPatient]);
 
     }
 
     public function search($nom,$prenom){
 
+	$req = $this->connexion->prepare('SELECT * FROM Patient WHERE Nom LIKE :nom AND Prenom LIKE :prenom');
+	$req->execute(['nom' => $nom,
+		       'prenom' => $prenom]);
+
+	return StaticRepo::delNumeric($req->fetchAll());
+
     }
 
-}
\ No newline at end of file
+}
diff --git a/repositories/repos/RDVRepo.php b/repositories/repos/RDVRepo.php
index da8644d..9fa90a5 100755
--- a/repositories/repos/RDVRepo.php
+++ b/repositories/repos/RDVRepo.php
@@ -22,11 +22,13 @@ class RDVRepo
     }
 
     public function getByDate($date){
-
+	$date = date('o-m-d',$date);
+	$req = $this->connexion->prepare('SELECT * FROM RDV WHERE DATE(FROM_UNIXTIME(1449136444)) = :date');
     }
 
-    public function delete($idPatient){
-
+    public function delete($idRDV){
+	$req = $this->connexion->prepare('DELETE FROM RDV WHERE Id = :id');
+	return $req->execute(['id' => $idRDV]);
     }
 
     public function add($timestamp,$duree,$idPatient,$idMedecin){
@@ -41,4 +43,4 @@ class RDVRepo
 
     }
 
-}
\ No newline at end of file
+}
diff --git a/src/Authentification.php b/src/Authentification.php
index a81fd19..311c349 100755
--- a/src/Authentification.php
+++ b/src/Authentification.php
@@ -43,7 +43,7 @@ class Authentification{
         $id = uniqid();
         $_SESSION['id'] = $id;
         $_SESSION['token'] = sha1($_SERVER['HTTP_USER_AGENT'].$_SERVER['REMOTE_ADDR'].$id);
-        setcookie('UserId',$id,time()+10*60,'/');
+        session_regenerate_id();
 
         $_SESSION['user'] = $user;
         $_SESSION['role'] = $role;
@@ -71,7 +71,7 @@ class Authentification{
             foreach($_SESSION['role'] as $roleUser){
                 if(($strict and $roleUser == $role) or (!$strict and  $roleUser<= $role)){
                     if($_SESSION['token'] == sha1($_SERVER['HTTP_USER_AGENT'].$_SERVER['REMOTE_ADDR'].$_SESSION['id'])){
-                        setcookie('UserId',$_COOKIE['UserId'],time()+10*60,'/');
+                        session_regenerate_id();
                         return true;
                     };
                 }