creare modulo Login

**Dheed** · 06-12-2010, 22:02

Grazie,ho un ultimissimo problema(anche perchè non ho fatto altro)...ho letto che per mantenere un utente collegato bisogna creare una sessione,io ne ho creato una con i cookie,ma non funziona...
Questo è il codice del login.php:

Codice PHP:


<?php 

include 'dbc.php';



$err = array();



foreach($_GET as $key => $value) {

    $get[$key] = filter($value); //get variables are filtered.

}



if ($_POST['doLogin']=='Login')

{



foreach($_POST as $key => $value) {

    $data[$key] = filter($value); // post variables are filtered

}





$user_email = $data['usr_email'];

$pass = $data['pwd'];





if (strpos($user_email,'@') === false) {

    $user_cond = "user_name='$user_email'";

} else {

      $user_cond = "user_email='$user_email'";

    

}



    

$result = mysql_query("SELECT `id`,`pwd`,`full_name`,`approved`,`user_level` FROM users WHERE 

           $user_cond

            AND `banned` = '0'

            ") or die (mysql_error()); 

$num = mysql_num_rows($result);



  // Match row found with more than 1 results  - the user is authenticated. 

    if ( $num > 0 ) { 

    

    list($id,$pwd,$full_name,$approved,$user_level) = mysql_fetch_row($result);

    

    if(!$approved) {

    //$msg = urlencode("Account not activated. Please check your email for activation code");

    $err[] = "Account not activated. Please check your email for activation code";

    

    //

    ("Location: login.php?msg=$msg");

     //exit();

     }

     

        //check against salt

    if ($pwd === PwdHash($pass,substr($pwd,0,9))) { 

    if(empty($err)){            



     // this sets session and logs user in  

       session_start();

       session_regenerate_id (true); //prevent against session fixation attacks.



       // this sets variables in the session 

        $_SESSION['user_id']= $id;  

        $_SESSION['user_name'] = $full_name;

        $_SESSION['user_level'] = $user_level;

        $_SESSION['HTTP_USER_AGENT'] = md5($_SERVER['HTTP_USER_AGENT']);

        

        //update the timestamp and key for cookie

        $stamp = time();

        $ckey = GenKey();

        mysql_query("update users set `ctime`='$stamp', `ckey` = '$ckey' where id='$id'") or die(mysql_error());

        

        //set a cookie 

        

       if(isset($_POST['remember'])){

                  setcookie("user_id", $_SESSION['user_id'], time()+60*60*24*COOKIE_TIME_OUT, "/");

                  setcookie("user_key", sha1($ckey), time()+60*60*24*COOKIE_TIME_OUT, "/");

                  setcookie("user_name",$_SESSION['user_name'], time()+60*60*24*COOKIE_TIME_OUT, "/");

                   }

          header("Location: Homepage.php");

         }

        }

        else

        {

        //$msg = urlencode("Invalid Login. Please try again with correct user email and password. ");

        $err[] = "Login Invalido. Riprova con  email e password corretti.";

        //header("Location: login.php?msg=$msg");

        }

    } else {

        $err[] = "Errore - Login Invalido. Utente Inesistente";

      }        

}

                     

                     



?>

<html>

<head>

<title>Login Utenti</title>

<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">

<script language="JavaScript" type="text/javascript" src="js/jquery-1.3.2.min.js"></script>

<script language="JavaScript" type="text/javascript" src="js/jquery.validate.js"></script>

  <script>

  $(document).ready(function(){

    $("#logForm").validate();

  });

  </script>

<link href="styles.css" rel="stylesheet" type="text/css">



</head>



<body>

[url="http://forum.it.altervista.org/../Homepage.htm"][img]http://forum.it.altervista.org/../immagini/logo.png[/img][/url]



<table width="100%" border="0" cellspacing="0" cellpadding="5" class="main">

  <tr> 

    <td colspan="3"></td>

  </tr>

  <tr> 

    <td width="160" valign="top">

</p>

      

 </p>

      

</p>

      

</p>

      

</p></td>

    <td width="732" valign="top">

</p>

      <h3 class="titlehdr">Login Utenti

      </h3>  

      



      <?php

      /******************** ERROR MESSAGES*************************************************

      This code is to show error messages 

      **************************************************************************/

      if(!empty($err))  {

       echo "<div class=\"msg\">";

      foreach ($err as $e) {

        echo "$e 
";

        }

      echo "</div>";    

       }

      /******************************* END ********************************/      

      ?></p>

      <form action="login.php" method="post" name="logForm" id="logForm" >

        <table width="65%" border="0" cellpadding="4" cellspacing="4" class="loginform">

          <tr> 

            <td colspan="2"></td>

          </tr>

          <tr> 

            <td width="28%">Username / Email</td>

            <td width="72%"><input name="usr_email" type="text" class="required" id="txtbox" size="25"></td>

          </tr>

          <tr> 

            <td>Password</td>

            <td><input name="pwd" type="password" class="required password" id="txtbox" size="25"></td>

          </tr>

          <tr> 

            <td colspan="2"><div align="center">

                <input name="remember" type="checkbox" id="remember" value="1">

                Ricordami</div></td>

          </tr>

          <tr> 

            <td colspan="2"> <div align="center"> 

                

 

                  <input name="doLogin" type="submit" id="doLogin3" value="Login">

                </p>

                

[url="register.php"]Registrati[/url]<font color="#FF6600"> 

                  |</font> [url="forgot.php"]Password Dimenticata[/url] <font color="#FF6600"> 

                  </font></p>

                <!--

<span style="font: normal 9px verdana">Powered by <a href="http://php-login-script.com">PHP 

                  Login Script v2.3</a></span></p>-->

              </div></td>

          </tr>

        </table>

        <div align="center"></div>

        <p align="center"> </p>

      </form>

      

</p>

       

      </td>

    <td width="196" valign="top"></td>

  </tr>

  <tr> 

    <td colspan="3"></td>

  </tr>

</table>



</body>

</html>

e questo della Homepage.php:

codice:

<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Farebury</title>
<link rel="icon" href="../../favicon.ico" />
</head>

<body>


<table width='75%'>
<tr>
  <td></td>
  <form action="login.php" method="post" name="logForm" id="logForm" >
  <td width="28%">Username / Email</td>
  <td width="50%"><input name="usr_email" type="text" class="required" id="txtbox" size="25"></td>
  <td>Password</td>
  <td><input name="pwd" type="password" class="required password" id="txtbox" size="25"></td>
  <td><input name="doLogin" type="submit" id="doLogin3" value="Login"></td>
  <td width='80'><input name="remember" type="checkbox" id="remember" value="1" width='100'>Ricordami</td>
  </form>
  <td>Registrati<font color="#FF6600"> <font color="#FF6600">
 |</font> Password Dimenticata <font color="#FF6600"></td>
</tr>
</table>
</body>
</html>

Discussione: creare modulo Login

Strumenti discussione

Ricerca discussione

Visualizza

Visualizzazione discussione

Permessi di invio