Ciao a tutti ragazzi, sto creando un sito web, www.pm25.it, e in questo sito ho messo il classico modulo di registrazione. Mi potreste aiutare a capire come proteggere la pagina mandaemail.php? Vi posto il codice del login, se non sbaglio, e la pagina che controlla.



login.php:

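<?php
// login.php: checks the submitted credentials against the users table and,
// on success, opens the session and redirects to members.php.
require_once('db.php');
include('functions.php');
include('settings.php');

// NOTE(review): the mysql_* extension used below was removed in PHP 7. The
// connection is opened in db.php (not shown), so the calls are kept as posted;
// the durable fix is prepared statements through mysqli or PDO.
// NOTE(review): passwords are compared as unsalted MD5. Moving to
// password_hash()/password_verify() needs a migration of the stored values,
// so it is flagged here rather than changed.

if (array_key_exists('_submit_check', $_POST))
{
    // Accept only plain string fields; a missing or array-valued field is
    // treated as empty instead of reaching the escaping/hashing calls.
    $username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    if ($username != '' && $password != '')
    {
        $query = mysql_query(
            'SELECT ID, Username, Active FROM users WHERE Username = "'
            . mysql_real_escape_string($username)
            . '" AND Password = "'
            . mysql_real_escape_string(md5($password))
            . '"'
        );

        // mysql_query() returns false on failure; treat that like "no match".
        if ($query !== false && mysql_num_rows($query) == 1)
        {
            $row = mysql_fetch_assoc($query);
            $active = (int) $row['Active'];

            if ($active === 1)
            {
                session_start();
                // Issue a fresh session id at login so an id fixed before
                // authentication is not carried into the logged-in session.
                session_regenerate_id(true);
                $_SESSION['user_id'] = $row['ID'];
                $_SESSION['logged_in'] = TRUE;
                header("Location: members.php");
                // Stop here: without exit the rest of this page is still
                // executed and sent after the redirect header.
                exit;
            }
            elseif ($active === 0)
            {
                $error = 'Il tuo account non e\' attivo. Vai alla tua casella email e clicca sul link';
            }
            elseif ($active === 2)
            {
                $error = 'Sei sospeso!';
            }
        }
        else
        {
            $error = 'Login fallito!';
        }
    }
    else
    {
        $error = 'Password o Username errati riprova';
    }
}
?>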
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>www.pm25.it </title>
<link href="css/styles.css" rel="stylesheet" type="text/css" />
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><style type="text/css">
<!--
body {
background-image: url(sfondo.JPG);
}
.Stile1 {color: #CC3300}
-->
</style></head>

<body>


</p>


</p>


</p>


</p>


</p>
<table width="414" height="257" border="0">
<tr>
<th width="182" height="253" scope="col"></th>
<th width="222" scope="col"><div id="div">
<?php
// Print the login error, if the handler at the top of the page set one.
if (isset($error)) {
    echo ' <p class="error">' . $error . '</p>' . "\n";
}
?>
</div>
<div id="div2">
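<?php /* PHP_SELF reflects the requested URL, including any path info appended after the script name, so it is HTML-escaped before being written into the attribute. The charset matches the page's declared iso-8859-1. */ ?>
<form class="form" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'ISO-8859-1'); ?>" method="post">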
<input type="hidden" name="_submit_check" value="1"/>
<div style="margin-top:12px; margin-bottom:10px">
<div align="left">[img]images/username.gif[/img]
<input class="input" type="text" name="username" id="username" size="25" maxlength="40" value="" />
</div>
</div>
<div style="margin-bottom:6px">
<div align="left">[img]images/password.gif[/img]
<input class="input" type="password" name="password" id="password" size="25" maxlength="32" />
</div>
</div>
<input type="image" name="Login" value="Login" class="submit-btn" src="images/btn.gif" alt="submit" title="submit" />
<br class="clear" />
Registrati
</form>
</div></th>
</tr>
</table>
</body>

</html>
-----------------------------------------------------------
e questo è il codice di mandaemail.php:
------------------------------------------------------------

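<?php
// Access guard: login.php sets $_SESSION['logged_in'] on a successful login.
// As posted, this listing shows no check before the markup, so the page is
// served to anyone who requests its URL. The check must run before any output,
// otherwise the redirect header cannot be sent.
// NOTE(review): the stray "}" and "?>" near the end of the listing suggest an
// earlier PHP wrapper was lost in the paste; confirm against the real file.
// NOTE(review): mail.swf, and whatever script it submits to (not shown), are
// separate URLs. Guarding this page does not cover them; the server-side
// script that actually sends the mail needs the same session check.
session_start();
if (empty($_SESSION['logged_in'])) {
    header('Location: login.php');
    exit;
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">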
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Index pm25.it</title>
<style type="text/css">
<!--
#Layer1 {
position:absolute;
left:164px;
top:44px;
width:444px;
height:262px;
z-index:1;
}
#Layer2 {
position:absolute;
left:198px;
top:2px;
width:184px;
height:24px;
z-index:2;
}
.Stile1 {font-family: "Times New Roman", Times, serif}
.Stile3 {font-style: italic; color: #666666;}
.Stile4 {color: #CC3300}
#Layer3 {
position:absolute;
left:779px;
top:-1px;
width:46px;
height:36px;
z-index:3;
}
#Layer4 {
position:absolute;
left:828px;
top:11px;
width:149px;
height:24px;
z-index:4;
}
#Layer5 {
position:absolute;
left:272px;
top:317px;
width:154px;
height:1px;
z-index:5;
background-color: #CC3300;
}
#Layer6 {
position:absolute;
left:0px;
top:0px;
width:469px;
height:306px;
z-index:6;
}
#Layer7 {
position:absolute;
left:273px;
top:334px;
width:154;
height:1px;
z-index:6;
background-color: #CC3300;
}
#Layer8 {
position:absolute;
left:267px;
top:303px;
width:130px;
height:14px;
z-index:5;
background-color: #FFFFFF;
}
#Layer9 {
position:absolute;
left:419px;
top:302px;
width:205px;
height:49px;
z-index:6;
}
#Layer10 {
position:absolute;
left:171px;
top:302px;
width:233px;
height:51px;
z-index:7;
}
.Stile5 {color: #CCCCCC}
#Layer11 {
position:absolute;
left:163px;
top:300px;
width:717px;
height:541px;
z-index:8;
}
#Layer12 {
position:absolute;
left:175px;
top:383px;
width:205px;
height:92px;
z-index:9;
}
.Stile6 {font-size: 10px}
.Stile7 {
font-size: 12px;
font-weight: bold;
color: #CC3300;
}
.Stile9 {color: #999999}
.Stile12 {font-family: Arial, Helvetica, sans-serif}
#Layer13 {
position:absolute;
left:176px;
top:504px;
width:204px;
height:97px;
z-index:10;
}
#Layer14 {
position:absolute;
left:174px;
top:648px;
width:204px;
height:82px;
z-index:11;
}
#Layer15 {
position:absolute;
left:400px;
top:318px;
width:18px;
height:531px;
z-index:12;
}
#Layer16 {
position:absolute;
left:436px;
top:380px;
width:142px;
height:467px;
z-index:13;
}
#Layer17 {
position:absolute;
left:149px;
top:839px;
width:690px;
height:17px;
z-index:14;
background-color: #999999;
}
.Stile15 {
color: #FFFFFF;
font-family: Geneva, Arial, Helvetica, sans-serif;
font-size: 10px;
}
#Layer18 {
position:absolute;
left:619px;
top:543px;
width:230px;
height:85px;
z-index:15;
}
.Stile17 {
font-size: 18px;
color: #999999;
}
body {
background-image: url(sfondo.JPG);
}
#Layer19 {
position:absolute;
left:783px;
top:252px;
width:54px;
height:48px;
z-index:16;
background-color: #FFFFFF;
}
#Layer20 {
position:absolute;
left:11px;
top:2px;
width:127px;
height:55px;
z-index:16;
}
#Layer21 {
position:absolute;
left:623px;
top:384px;
width:224px;
height:117px;
z-index:17;
background-color: #CCCCCC;
}
#Layer22 {
position:absolute;
left:152px;
top:137px;
width:280px;
height:301px;
z-index:17;
}
#Layer23 {
position:absolute;
left:471px;
top:340px;
width:145px;
height:21px;
z-index:18;
}
-->
</style>
</head>

<body>
<div id="Layer3">[img]file:///C|/Documents and Settings/Administrator/Desktop/file jpg per il sito/lente.JPG[/img]</div>
<div id="Layer4">
<form id="form1" name="form1" method="post" action="">
<label>
<input name="textfield" type="text" value="Cerca" />
</label>
</form>
</div>
<div id="Layer17">
<div align="center" class="Stile15">&copy; www.pm25.it</div>
</div>
<div id="Layer20">
<object classid="clsid27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=7,0,19,0" width="126" height="53">
<param name="movie" value="detect2.swf" />
<param name="quality" value="high" />
<embed src="detect2.swf" quality="high" pluginspage="http://www.macromedia.com/go/getflashplayer" type="application/x-shockwave-flash" width="126" height="53"></embed>
</object>
</div>
<div id="Layer22">
<object classid="clsid27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=7,0,19,0" width="326" height="300" title="mailz">
<param name="movie" value="mail.swf" />
<param name="quality" value="high" />
<embed src="mail.swf" quality="high" pluginspage="http://www.macromedia.com/go/getflashplayer" type="application/x-shockwave-flash" width="326" height="300"></embed>
</object>
</div>
}
?>


</p>


</p>


</p>
<p align="justify"></p>
<p align="center"></p>
<p align="justify"></p>
<p align="center"></p>
<p align="center"></p>
<p align="center"></p>
<p align="center"></p>
<div align="right"></div>
<div align="right"></div>
<p align="center"></p>
</body>
</html>
mandaemail.php mi carica un SWF esterno (il modulo dell'email); spero che mi possiate aiutare, grazie.