Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- $p = $_GET['action'];
- include 'Include/cf.php';
- connect();
- if($p){
- if($p == "register"){
- if(!isset($_POST['send'])){
- ?>
- <form method="post" action="#">
- <label>Username:</label><input type="text" name="UserName"><br>
- <label>Password:</label><input type="password" name="pass1"><br>
- <label>Repeat Password:</label><input type="password" name="pass2"><br>
- <label>E-Mail:</label><input type="text" name="email"><br>
- <input type="submit" name="send" value="Registrati">
- </form>
- <?php
- } else {
- $UserName = mysql_real_escape_string($_POST['UserName']);
- $pass1 = mysql_real_escape_string($_POST['UserName']);
- $pass2 = mysql_real_escape_string($_POST['UserName']);
- $email = mysql_real_escape_string($_POST['UserName']);
- if ($UserName == "" || $email == "") {
- echo "Devi riempire tutti i campi";
- } elseif($pass1 == "" || $pass2 == "") {
- echo "Devi scrivere due volte la password.";
- } else {
- $query = "INSERT INTO $tb_users (`UserName`,`PassWord`,`E-Mail`,`Admin`) VALUES ('$UserName','".md5($pass1)."','$email','0')";
- $result = mysql_query($query) or die(mysql_error());
- echo "<font color=\"green\">Registrato con successo. <a href=\"login.php?action=login\">Esegui il login.</a></font>";
- }
- }
- } elseif ($p == "login") {
- if(!isset($_POST['send'])){
- ?>
- <form method="post" action="#">
- <label>Username:</label><input type="text" name="UserName"><br>
- <label>Password:</label><input type="password" name="pass1"><br>
- <input type="submit" name="send" value="LogIn">
- </form>
- <?php
- } else {
- $UserName = mysql_real_escape_string($_POST['UserName']);
- $pass = md5(mysql_real_escape_string($_POST['pass1']));
- $query = "SELECT * FROM $tb_users WHERE UserName = '$UserName' AND PassWord = '$pass';";
- $result = mysql_query($query) or die(mysql_error());
- $rows = mysql_num_rows($result);
- if($rows == 1){
- $fetch = mysql_fetch_assoc($result);
- if($fetch['Admin'] == 1){
- session_register(Admin);
- } elseif($fetch['Admin'] == 0){
- session_register(User);
- }
- $_SESSION['username'] = $UserName;
- echo "<font color=\"green\">Login effettuato.<a href=\"index.php\">Vai alla home</a></font>";
- } else {
- echo "<font color=\"red\">Dati errati!</font>";
- }
- }
- }
- } else {
- echo "Errore parametro action non impostato.";
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement