Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- $connection = mysql_connect("localhost", "root", "lolfight82")
- or die($mysql_error());
- mysql_select_db("davide", $connection);
- if(isset($_GET['mode'])) {
- $mode = htmlentities($_GET['mode']);
- if($mode == 'login') {
- if(isset($_POST['username']) and isset($_POST['password'])) {
- $username = $_POST['username'];
- $password = $_POST['password'];
- if(empty($username) or empty($password))
- die("Username o password vuoti.<br />\n");
- $password = md5($password);
- $query = mysql_query("SELECT * FROM users WHERE username='{$username}' and password='{$password}'");
- if(mysql_num_rows($query) == 1) {
- $id = mysql_insert_id();
- print "Ora sei loggato con successo =)<br />\n";
- $_SESSION['userhash'] = "{$username}567{$id}"; //[USERNAME]567[ID]
- } else {
- print "Errore durante il login, controlla username e password.<br />\n";
- }
- } else {
- ?>
- <form action="login.php?mode=login" method="POST">
- Username: <input type="text" name="username"><br />
- Password: <input type="password" name="password"><br />
- <input type="submit" value="Login">
- </form>
- <?php
- }
- } else if($mode == 'logout') {
- session_destroy();
- print "Logout effettuato con successo.<br />\n";
- } else if($mode == 'register') {
- if(isset($_SESSION['registered'])) {
- if($_SESSION['registered'])
- header("location: index.php");
- }
- if(isset($_POST['username']) and isset($_POST['password']) and isset($_POST['mail'])) {
- $username = $_POST['username'];
- $password = $_POST['password'];
- $mail = $_POST['mail'];
- if(empty($username) or empty($password) or empty($mail))
- die("Username, password o mail non possono essere vuoti.<br />\n");
- $password = md5($password);
- $q = mysql_query("SELECT * FROM users WHERE username='{$username}'");
- if(mysql_num_rows($q) == 1)
- die("Qualcuno si è già iscritto/a con il tuo username.<br />\n");
- $upload_dir = $_SERVER["DOCUMENT_ROOT"] . "images/avatars";
- $new_name = $_FILES["upfile"]["name"];
- if(trim($_FILES["upfile"]["name"]) == "") {
- $avatar = false;
- }
- if($avatar != false) {
- if(@is_uploaded_file($_FILES["upfile"]["tmp_name"])) {
- @move_uploaded_file($_FILES["upfile"]["tmp_name"], "$upload_dir/$file_name")
- or die("Impossibile spostare il file, controlla l'esistenza o i permessi della directory dove fare l'upload.");
- } else {
- die("Problemi nell'upload del file " . $_FILES["upfile"]["name"]);
- }
- }
- if(!$avatar) {
- $query = mysql_query("INSERT INTO users (
- username,
- password,
- mail
- ) VALUES (
- '{$username}',
- '{$password}',
- '{$mail}'
- )");
- } else {
- $avatar = $_FILES["upfile"]["name"];
- $query = mysql_query("INSERT INTO users (
- username,
- password,
- mail
- ) VALUES (
- '{$username}',
- '{$password}',
- '{$mail}',
- '{$avatar}'
- )");
- }
- if($query) {
- print "Registrazione effettuata con successo.<br />\nOra puoi eseguire il <a href='login.php?mode=login'>login</a><br />\n";
- $_SESSION['registered'] = true;
- } else {
- print "Errore durante la registrazione, se il problema persiste contatta un amministratore.";
- }
- } else {
- ?>
- <form action="login.php?mode=register" method="POST">
- Username: <input type="text" name="username"><br />
- Password: <input type="password" name="password"><br />
- Mail: <input type="text" name="mail"><br />
- Avatar: <br />
- <input type="file" name="upfile">
- <input type="hidden" name="MAX_FILE_SIZE" value="10000"><br />
- <input type="submit" value="Registrati">
- </form>
- <?php
- }
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
