Ciao ragazzi,
sto usando un classe per la gestione del login. Premetto che non sono super esperta di php, php5 peggio ancora... ma ho la necessità di risolvere la cosa senza poterci studiare molto.
Devo passare l'utente alla pagina protetta ma non riesco.
il sistema di login è cosi composto:
Membership.php
Mysql.php
constants.php
index.php
1)Membership.php
Codice PHP:<?php
require 'Mysql.php';
class Membership {
function validate_user($un, $pwd) {
$mysql = New Mysql();
$ensure_credentials = $mysql->verify_Username_and_Pass($un, md5($pwd));
if($ensure_credentials) {
$_SESSION['status'] = 'authorized';
$_SESSION['nome'] = '$un';
header("location: index.php");
} else return "Please enter a correct username and password";
}
function log_User_Out() {
if(isset($_SESSION['status'])) {
unset($_SESSION['status']);
if(isset($_COOKIE[session_name()]))
setcookie(session_name(), '', time() - 1000);
session_destroy();
}
}
function confirm_Member() {
session_start();
if($_SESSION['status'] !='authorized') header("location: login.php");
}
}
2)Mysql.php
Codice PHP:<?php
require_once 'includes/constants.php';
class Mysql {
private $conn;
function __construct() {
$this->conn = new mysqli(DB_SERVER, DB_USER, DB_PASSWORD, DB_NAME) or
die('There was a problem connecting to the database.');
}
function verify_Username_and_Pass($un, $pwd) {
$query = "SELECT *
FROM utenti
WHERE nome = ? AND pswd = ?
LIMIT 1";
if($stmt = $this->conn->prepare($query)) {
$stmt->bind_param('ss', $un, $pwd);
$stmt->execute();
if($stmt->fetch()) {
$stmt->close();
return true;
}
}
}
}
3)constants.php
4) index.phpCodice PHP:<?php
// Define constants here
define('DB_SERVER', 'localhost');
define('DB_USER', '');
define('DB_PASSWORD', '');
define('DB_NAME', '');
5) login.phpCodice PHP:<?php
require_once 'classes/Membership.php';
$membership = New Membership();
$membership->confirm_Member();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link rel="stylesheet" href="css/default.css" />
<!--[if lt IE 7]>
<script type="text/javascript" src="js/DD_belatedPNG_0.0.7a-min.js"></script>
<![endif]-->
<title>Untitled Document</title>
</head>
<body>
<div id="container">
You've reached the page that stores all of the secret launch codes!
<?php echo "$un"; ?>
</p>
[url="login.php?status=loggedout"]Log Out[/url]
</div>
</body>
</html>
Non riesco in nessun modo a passare la user dell'utente loggato nella pagina index.php,Codice PHP:<?php
session_start();
require_once 'classes/Membership.php';
$membership = new Membership();
// If the user clicks the "Log Out" link on the index page.
if(isset($_GET['status']) && $_GET['status'] == 'loggedout') {
$membership->log_User_Out();
}
// Did the user enter a password/username and click submit?
if($_POST && !empty($_POST['username']) && !empty($_POST['pwd'])) {
$response = $membership->validate_User($_POST['username'], $_POST['pwd']);
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Login to access the secret files!</title>
<link rel="stylesheet" type="text/css" href="css/default.css" />
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.1/jquery.min.js"></script>
<script type="text/javascript" src="js/main.js"></script>
</head>
<body>
<div id="login">
<form method="post" action="">
<h2>Login [size="1"]enter your credentials[/size]</h2>
<label for="name">Username: </label>
<input type="text" name="username" />
</p>
<label for="pwd">Password: </label>
<input type="password" name="pwd" />
</p>
<input type="submit" id="submit" value="Login" name="submit" />
</p>
</form>
<?php if(isset($response)) echo "<h4 class='alert'>" . $response . "</h4>"; ?>
</div>
</body>
</html>
dove sbaglio?
grazie a tutti,
lory
Rispondi quotando