no... non uso niente del genere. Comunque ti posto il codice che facciamo prima
all'inizio del file registrazione.php ho :
e questo è il file login.php che includo nel precedentecodice:<?php include("./phpUtils/login.php"); ?> <?php $editFormAction = $_SERVER['PHP_SELF']; if (isset($_SERVER['QUERY_STRING'])) { $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']); } if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form_regis")) { mysql_select_db($database_XXXconnection, $XXXconnection); $insertUtentiSQL = sprintf("INSERT INTO utenti (data_modifica, nome, cognome, password, email, indirizzo, telefono, citta, provincia, data_nascita, sesso, lat, lng) VALUES ('$now', %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s)", GetSQLValueString($_POST['txt_nome'], "text"), GetSQLValueString($_POST['txt_cognome'], "text"), GetSQLValueString($_POST['txt_password'], "text"), GetSQLValueString($_POST['txt_email'], "text"), GetSQLValueString($_POST['txt_indirizzo'], "text"), GetSQLValueString($_POST['txt_telefono'], "text"), GetSQLValueString($_POST['txt_citta'], "text"), GetSQLValueString($_POST['txt_provincia'], "text"), GetSQLValueString($_POST['txt_data_nascita'], "text"), GetSQLValueString($_POST['list_sesso'], "text"), GetSQLValueString($_POST['hdn_latitude'], "text"), GetSQLValueString($_POST['hdn_longitude'], "text")); $Result1 = mysql_query($insertUtentiSQL, $XXXconnection) or die(mysql_error()); $nextpage = 'moreinfo.php'; header("Location: " . $nextpage ); } ?>
graziecodice:<?php require_once('Connections/XXXconnection.php'); ?> <?php //initialize the session if (!isset($_SESSION)) { session_start(); } ?> <?php if (!function_exists("GetSQLValueString")) { function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") { $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue; $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue); switch ($theType) { case "text": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "long": case "int": $theValue = ($theValue != "") ? intval($theValue) : "NULL"; break; case "double": $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL"; break; case "date": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "defined": $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue; break; } return $theValue; } } ?> <?php // *** Validate request to login to this site. if (!isset($_SESSION)) { session_start(); } $loginFormAction = $_SERVER['PHP_SELF']; if (isset($_GET['accesscheck'])) { $_SESSION['PrevUrl'] = $_GET['accesscheck']; } if (isset($_POST['txt_usrn'])) { $loginUsername=$_POST['txt_usrn']; $password=$_POST['txt_pwd']; $MM_fldUserAuthorization = "level"; $MM_redirectLoginSuccess = "index.php"; $MM_redirectLoginFailed = "errore.html"; $MM_redirecttoReferrer = false; mysql_select_db($database_XXXconnection, $XXXconnection); $LoginRS__query=sprintf("SELECT email, password, nome, level FROM utenti WHERE email=%s AND password=%s", GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text")); $LoginRS = mysql_query($LoginRS__query, $sitterconnection) or die(mysql_error()); $loginFoundUser = mysql_num_rows($LoginRS); if ($loginFoundUser) { $loginStrGroup = mysql_result($LoginRS,0,'level'); $nomeUtente = mysql_result($LoginRS,0,'nome'); //declare two session variables and assign them $_SESSION['MM_Username'] = $loginUsername; $_SESSION['MM_UserGroup'] = $loginStrGroup; $_SESSION['MM_nomeUtente'] = $nomeUtente; if (isset($_SESSION['PrevUrl']) && false) { $MM_redirectLoginSuccess = $_SESSION['PrevUrl']; } header("Location: " . $MM_redirectLoginSuccess ); } else { header("Location: ". $MM_redirectLoginFailed ); } } ?>
Rispondi quotando