Ho cosi poco tempo e scusatemi se ho solo piccoli e sporadici ritagli di tempo da dedicare ai vostri preziosi consigli.
Dopo un pò di letture sono arrivato a questo ma se immetto i dati di accesso qualcosa non funziona e resto inchiodato alla pagina login.php
pur volendo richiamare la pagina main.php sul mio client mi fa redirect sulla index.php in cui è inclusa login.php
Questa la pagina login.php
Codice PHP:
<div class="title">Autenticazione</div>
<hr size="1">
<?php
// SESSIONE
session_start();
//require_once('config.php');
$_SESSION["id"] = $data["id"];
$_SESSION["real"] = $data["reale"];
$_SESSION["email"] = $data["email"];
$_SESSION["level"] = $data["livello"];
// SE SONO SETTATE LOGIN E PASSWORD
if (isset($_POST['login'])) {
$user = $_POST['user'] ?? '';
$pass = $_POST['pass'] ?? '';
// CONTROLLA NELLA TABELLA USER
if (empty($user) || empty($pass)) {
$msg = 'Inserisci username e password %s';
} else {
//
if (empty($user) || empty($pass)) {
$msg = 'Inserisci username e password %s';
} else {
$query = "
SELECT user, pass
FROM users
WHERE user = :user
";
$check = $pdo->prepare($query);
$check->bindParam(':user', $user, PDO::PARAM_STR);
$check->execute();
$user = $check->fetch(PDO::FETCH_ASSOC);
if (!$user || pass_verify($pass, $user['pass']) === false) {
$msg = 'Credenziali utente errate %s';
}
}
// LOGGED
if (isset($_SESSION['session_id'])) {
header('Location: main.php');
exit;
}
?>
<form id="form" name="form" method="post" action="main.php">
<div class="message">ERRORE DI AUTENTICAZIONE !!!</div>
<hr size="1" color="#E6E6E6"; >
<p>User:<br /><input name="user" type="text" id="user" /></p>
<p>Pass:<br /><input name="pass" type="password" id="pass" /></p>
<p><hr size="1" color="#E6E6E6"; ></p>
<!-- SUBMIT -->
<input class="record" type="submit" value="ENTRA" />
</form>
<? } ?>
<? } else { ?>
<form id="form" name="form" method="post" action="main.php">
<p>User:<br /><input name="user" type="text" id="user" /></p>
<p>Pass:<br /><input name="pass" type="password" id="pass" /></p>
<p><hr size="1"></p>
<!-- SUBMIT -->
<input class="record" type="submit" value="ENTRA" />
</form>
<? } ?>
Questa in vece è la main.php
Codice PHP:
<?php
error_reporting(E_ALL);
ini_set('display_errors', TRUE);
ini_set('display_startup_errors', TRUE);
// SESSIONE
session_start();
// OUTPUT BUFFER
ob_start();
// AUTENTICAZIONE OK
if(isset($_SESSION['real'])) {
// CONFIGURAZIONE
require 'config.php';
// SEZIONI
require 'sections.php';
// RECUPERA LA SEZIONE
if(isset($_GET['section'])) { $current_section = $_GET['section']; } else { $current_section = $sections[0]; }
if(isset($_GET['subsection'])) { $current_subsection = $_GET['subsection']; } else { $current_subsection = $subsections[$current_section][0]; }
// NAVIGAZIONE SINGOLA -> SEZIONE E SOTTOSEZIONE COINCIDONO
if($navigation == 'single') { $current_subsection = $current_section; }
// RECUPERA I TIPI DI DATI MOSTRARE
if(isset($_GET['view'])) { $view = $_GET['view']; } else { $view = "list"; }
// VARIABILI URL
$url_append = '§ion=' . $current_section;
$url_append .= '&subsection=' . $current_subsection;
$url_append .= '&order=' . $_GET['order'];
$url_append .= '&direction=' . $_GET['direction'];
// INCLUDE FILE COI CAMPI INPUT DA VISUALIZZARE
if($current_section != '') { include 'row/' . $current_section . '.php'; }
if($current_subsection != '') { include 'form/' . $current_subsection . '.php'; }
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<!-- TITOLO -->
<title><? echo $page_title; ?> - Area Riservata</title>
<!-- CSS ESTERNI -->
<link href="../css/back.css" rel="stylesheet" type="text/css">
<link href="../css/modal.css" rel="stylesheet" type="text/css">
<link href="../css/calendar.css" rel="stylesheet" type="text/css">
<link href="../css/uploadify.css" rel="stylesheet" type="text/css">
<!-- JAVASCRIPT ESTERNI -->
<script type="text/javascript" src="../javascript/jquery.js"> </script>
<script type="text/javascript" src="../javascript/uploadify.js"> </script>
<script type="text/javascript" src="../javascript/back.js"> </script>
<script type="text/javascript" src="../javascript/swfobject.js"> </script>
<script type="text/javascript" src="../javascript/ajax.js"> </script>
<script type="text/javascript" src="../javascript/calendar.js"> </script>
<script type="text/javascript" src="../javascript/nicedit.js"> </script>
<!-- HTML DEL TASTO CHIUDI DELLE FINESTRE MODAL.JS -->
<script type="text/javascript">
var my_closeHTML = '<a class="modalCloseImg" onclick="manage_category(\'<? echo $current_section; ?>\',\'select\',0,0,\'language\')"></a>';
</script>
<script type="text/javascript" src="../javascript/modal.js"></script>
</head>
<body>
<!-- HEADER -->
<div id="header_wrapper">
<div id="header">
<!-- LOCK -->
<div id="lock">
Benvenuto <strong><? echo $_SESSION['real']; ?></strong> |
<a href="main.php?view=form&id=<? echo $_SESSION['id']; ?>§ion=utenti&subsection=utenti&account=true">Account</a>
<? if($_SESSION['level'] == 'admin') { ?>| <a href="main.php?view=list§ion=utenti&subsection=utenti">Utenti</a><? } ?>
| <a href="logout.php">Log Out</a>
</div>
<!-- TITLE -->
<div id="title"><? echo $page_title; ?></div>
<!-- NAVIGATION -->
<? include('navigation.php'); ?>
</div>
</div>
<!-- CONTENT -->
<div id="content_wrapper">
<div id="content"><? include($view . '.php'); ?></div>
</div>
<!-- FOOTER -->
<div id="footer_wrapper">
<div id="footer">
<strong>NIK © 2011</strong><br />Powered by NICOLA ANTIGNANO</div>
</div>
</body>
</html>
<!-- AUTENTICAZIONE FALLITA -->
<? } else { header ('Location: index.php'); ob_end_flush();} ?>