Codice PHP:
<?
include("top_foot.inc.php");
include("config.inc.php");
top();
$db = mysql_connect($db_host, $db_user, $db_password);
if ($db == FALSE)
die ("Errore nella connessione. Verificare i parametri nel file config.inc.php");
mysql_select_db($db_name, $db)
or die ("Errore nella selezione del database. Verificare i parametri nel file config.inc.php");
session_start();
/* ---------- user settings ---------- */
$query = "SELECT pwd FROM biblio_admin WHERE nick='$nick'";
$result = mysql_query($query, $db);
$row = mysql_fetch_array($result);
$passinMD=md5($pass);
/* ---------- actions ---------- */
if ($action == "logout") {
session_unset();
}
if ($action == "login") {
if ($passinMD == $row[pwd]) {
$_SESSION['auth'] = true;
} else {
$error = "
<big><big><big><center>Password Errata</center></big></big></big>
";
}
}
/* ---------- authenticate ---------- */
if ($_SESSION['auth'] == true) {
/* secure code */
} else {
/* non-secure code */
$view = "login";
}
?>
<html>
<title>Secure Area</title>
<body>
<script language="JavaScript">
function Controllo()
{
if (document.frm.nick.value == "")
{window.alert("Inserire il nick");
return false;
exit;
}
if (document.frm.pass.value == "")
{window.alert("Inserire la password");
return false;
exit;
}
return true;
}
</script>
<? if ($view == "login") { ?>
<form action="login.php" method="post" name="frm" onsubmit="return Controllo()";>
<center>
<big><big><big><big><font face="papyrus"> Inserisci Nick e Password </font></big>
</big></big></big></p>
Nick:
<input type=password size=40 name=nick>
Password:
<input type=password size=40 name=pass>
<input name="action" type="hidden" id="action" value="login">
<input type="submit" name="Submit" value="Login"><? echo "$error
"; ?>
</p>
</center>
</form>
<? } if ($_SESSION['auth'] == true) { ?>
<! -- SECURE CONTENT -->
[url="login.php?action=logout"]logout[/url]
<? } ?>
</body>
</html>
Cosi va! visto k nn sn cosi ignorante 
ora cm faccio a mandarla se $_SESSION['auth'] == true ad una pagina?
Rispondi quotando