codice:<?php require_once('Connections/DB_Sito.php'); ?> <?php // *** Validate request to login to this site. if (!isset($_SESSION)) { session_start(); } $loginFormAction = $_SERVER['PHP_SELF']; if (isset($_GET['accesscheck'])) { $_SESSION['PrevUrl'] = $_GET['accesscheck']; } if (isset($_POST['username'])) { $loginUsername=$_POST['username']; $password=$_POST['password']; $MM_fldUserAuthorization = "privilegio"; $MM_redirectLoginSuccess = "AccessoSi.php"; $MM_redirectLoginFailed = "AccessoNo.php"; $MM_redirecttoReferrer = false; mysql_select_db($database_DB_Sito, $DB_Sito); $LoginRS__query=sprintf("SELECT CFPIVA, password, privilegio FROM utenti WHERE CFPIVA=%s AND password=%s", GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text")); $LoginRS = mysql_query($LoginRS__query, $DB_SitoCerin) or die(mysql_error()); $loginFoundUser = mysql_num_rows($LoginRS); if ($loginFoundUser) { $loginStrGroup = mysql_result($LoginRS,0,'privilegio'); //declare two session variables and assign them $_SESSION['MM_Username'] = $loginUsername; $_SESSION['MM_UserGroup'] = $loginStrGroup; if (isset($_SESSION['PrevUrl']) && false) { $MM_redirectLoginSuccess = $_SESSION['PrevUrl']; } header("Location: " . $MM_redirectLoginSuccess ); } else { header("Location: ". $MM_redirectLoginFailed ); } } ?> <?php session_start(); $_SESSION['MM_Nome'] = $nome; $_SESSION['MM_Cognome'] = $cognome; $_SESSION['MM_Privilegio'] = $privilegio; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Azienda</title> <link href="/sito/include/stile.css" rel="stylesheet" type="text/css" /> <script type="text/javascript"> <!-- function MM_preloadImages() { //v3.0 var d=document; if(d.images){ if(!d.MM_p) d.MM_p=new Array(); var i,j=d.MM_p.length,a=MM_preloadImages.arguments; for(i=0; i<a.length; i++) if (a[i].indexOf("#")!=0){ d.MM_p[j]=new Image; d.MM_p[j++].src=a[i];}} } function MM_swapImgRestore() { //v3.0 var i,x,a=document.MM_sr; for(i=0;a&&i<a.length&&(x=a[i])&&x.oSrc;i++) x.src=x.oSrc; } function MM_findObj(n, d) { //v4.01 var p,i,x; if(!d) d=document; if((p=n.indexOf("?"))>0&&parent.frames.length) { d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);} if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++) x=d.forms[i][n]; for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document); if(!x && d.getElementById) x=d.getElementById(n); return x; } function MM_swapImage() { //v3.0 var i,j=0,x,a=MM_swapImage.arguments; document.MM_sr=new Array; for(i=0;i<(a.length-2);i+=3) if ((x=MM_findObj(a[i]))!=null){document.MM_sr[j++]=x; if(!x.oSrc) x.oSrc=x.src; x.src=a[i+2];} } //--> </script> </head> <body class="thrColHybHdr" onload="MM_preloadImages('images/bot_azienda2.jpg','images/bot_attivita2.jpg','images/bot_prodotti2.jpg','images/bot_servizi2.jpg','images/bot_legginormative2.jpg','images/bot_news2.jpg','images/bot_links2.jpg')"> <div id="container"> <div id="testata"> <h1 class="testata">Azienda</h1> </div> <div id="MenuOrizz"> <table width="100%"> <tr> <td> <div id="BarraLogin"> <?php if (isset($_SESSION['MM_Username'])) { echo $_SESSION['MM_Cognome'] . ' ' . $_SESSION['MM_Nome'] . ' (' . $_SESSION['MM_Privilegio'] . ') - '; ?> Logout <?php } ?> </div> </td> <td> <div id="MenuOr"> HOME PAGE | CONTATTI | MAPPA SITO | FAQ | HELP </div> </td> </tr> </table> </div> <div id="MenuSin"> <table width="100%" border="0"> <tr> <td>[img]images/bot_home.jpg[/img]</td> </tr> <tr> <td>[img]images/bot_azienda1.jpg[/img]</td> </tr> <tr> <td>[img]images/bot_attivita1.jpg[/img]</td> </tr> <tr> <td>[img]images/bot_prodotti1.jpg[/img]</td> </tr> <tr> <td>[img]images/bot_servizi1.jpg[/img]</td> </tr> <tr> <td>[img]images/bot_legginormative1.jpg[/img]</td> </tr> <tr> <td>[img]images/bot_news1.jpg[/img]</td> </tr> <tr> <td>[img]images/bot_links1.jpg[/img]</td> </tr> </table> </div> <div id="Extra"> <table width="100%" border="0" class="voceMenuVerSel"> <tr> <td class="testoHome3" align="center">ZONA RISERVATA</td> </tr> <tr> <td class="testoLogin"> <form ACTION="<?php echo $loginFormAction; ?>" method="POST" name="Login" id="Login"> <div align="center"> <label>Username: <input name="username" type="text" id="username" tabindex="1" maxlength="12" /> </label> </div> <div align="center"> <label> Password: <input name="password" type="password" id="password" tabindex="2" maxlength="12" /> </label> </div> <div align="center"> <label> <input name="accedi" type="submit" id="accedi" value="Accedi" /> </label> </div> </form> </td> </tr> <tr> <td class="voceHomeLogin" align="center">Registrati</td> </tr> <tr> <td class="voceHomeLogin"></td> </tr> </table> </div> <div id="CorpoHome"> <table width="100%"> <tr> <td class="titoloPag"> Benvenuto! </td> </tr> <tr> <td>[img]images/faccia1.jpg[/img]</td> </tr> <tr> <td class="titoloPag"> Ultime News </td> </tr> <tr> <td> <?php do { ?> <table> <tr> <td class="testoHome4"><div align="left"><?php echo $row_SelezionaNews['DataN']; ?></div></td> <td class="testoHome2"><div align="justify"><?php echo $row_SelezionaNews['Titolo']; ?></div></td> </tr> </table> <?php } while ($row_SelezionaNews = mysql_fetch_assoc($SelezionaNews)); ?> </td> </tr> </table> </div> <br class="clearfloat" /> <div id="Piede"> <table width="100%" border="0" cellspacing="0" cellpadding="0" style="background-color: #3300CC;"> <tr> <td width="71%"><div align="left">Copyright @2008 - Tutti i diritti riservati</div></td> <td width="14%"><div align="center">Privacy Policy</div></td> </tr> </table> </div> </div> </body> </html> <?php mysql_free_result($SelezionaNews); ?>