Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- index.php
- <?php
- session_start();
- ?>
- <html>
- <head>
- <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
- <title>PenPalling.it</title>
- </head>
- <body style="background-color: lightcyan">
- <table style="width: 100%">
- <tbody>
- <tr>
- <td style="width: 25%">
- <?php include "menu/menu.php" ?>
- </td>
- <td>
- <?php echo 'Testo centrale (News, articoli vari)' ?>
- </td>
- <td style="width: 25%">
- <?php include "user/login.php" ?>
- <table>
- <tr>
- <td style="width: 50%">ads google 1</td>
- <td style="width: 50%">qualcosa da scrivere qui o lasciamo vuoto? XD</td>
- </tr>
- </table>
- </td>
- </tr>
- </tbody>
- </table>
- <div style="text-align: center">
- <p>Copyright, link a termini e condizioni, contatti(?), varie di fine pagina</p>
- </div>
- </body>
- </html>
- ###########################################################################################
- ###########################################################################################
- ###########################################################################################
- chklg.php
- <?php
- ob_start();
- include_once '../include/config.php';
- $db = mysql_connect($_CONFIG['host'], $_CONFIG['user'], $_CONFIG['pass']) or die('Impossibile stabilire una connessione');
- mysql_select_db($_CONFIG['dbname'], $db) or die('Impossibile stabilire una connessione');
- //Imposto le variabili per controllare gli accessi
- $UName = $_POST['txtUname'];
- $Pwd = $_POST['txtPwrd'];
- //Soluzione anti SQLInjection
- $UName = stripslashes($UName);
- $Pwd = stripslashes($Pwd);
- $UName = mysql_real_escape_string($UName);
- $Pwd = mysql_real_escape_string($Pwd);
- //Query SQL per controllare dati su DB
- $sql= "SELECT * FROM ".$_Config['User']." WHERE username='$UName' and password = md5('$Pwd')";
- $result=mysql_query($sql);
- //Conto quanti risultati ci sono
- $count = mysql_num_rows($result);
- //Se c'รจ un solo risultato, il login ha successo
- if ($count == 1){
- //Imposto altre variabili di sessione
- $_SESSION['Login'] = "true";
- $_SESSION['UserLogin'] = $UName;
- header("location: ../index.php");
- }
- else {
- $_SESSION['Login'] = "false";
- header("location: ../index.php");
- }
- ob_end_flush();
- ?>
- ###########################################################################################
- ###########################################################################################
- ###########################################################################################
- login.php
- <?php
- echo $_SESSION['Login'];
- if(!isset($_SESSION['Login'])){
- ?>
- <form name="frmLogin" method="post" action="user/chklg.php">
- <table>
- <tr>
- <td>
- Username
- </td>
- <td>
- <input type="text" name="txtUname" />
- </td>
- </tr>
- <tr>
- <td>
- Password
- </td>
- <td>
- <input type="password" name="txtPwrd" />
- </td>
- </tr>
- <tr>
- <td><input type="submit" name="btnInvio" /></td>
- </tr>
- </table>
- </form>
- <?php
- }
- else
- {
- if($_SESSION['Login'] == "False")
- {
- ?>
- <form name="frmLogin" method="post" action="chklg.php">
- <table>
- <tr>
- <td>
- Username
- </td>
- <td>
- <input type="text" name="txtUname" />
- </td>
- </tr>
- <tr>
- <td>
- Password
- </td>
- <td>
- <input type="password" name="txtPwrd" />
- </td>
- </tr>
- <tr>
- <td><input type="submit" name="btnInvio" /></td>
- </tr>
- <tr><td>Username o Password Errati</td></tr>
- </table>
- </form>
- <?php
- }
- else
- {
- echo "Benvenuto, ".$_SESSION['UserLogin']."!";
- }
- }
- ?>
Add Comment
Please, Sign In to add comment