Salve ragazzi, apro questa discussione perché mi serve il vostro aiuto. Nel lavoro che sto facendo ho creato il pannello di amministrazione con login. Premetto che uso un template esterno (Smarty); comunque vi posto l'area privata.
Codice PHP:
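// Admin area controller: renders either the logged-in header or the login form
// into $pagcontenuto['admin_content'] (consumed by the template elsewhere).
//
// NOTE(review): if a custom session save handler is used, it must be registered
// with session_set_save_handler() BEFORE this session_start() call.
session_start();

// Login name of the authenticated administrator, or '' when nobody is logged in.
$area_administrator = isset($_SESSION['area_administrator']) ? $_SESSION['area_administrator'] : '';

if ($area_administrator) {
    ob_start();
    // The value originally came from the login form, so it is HTML-escaped on output.
    echo htmlspecialchars($area_administrator, ENT_QUOTES);
    echo "\n";
    // NOTE(review): the BBCode-looking text here and in the form below is probably the
    // forum's rendering of real HTML (<a href>, <b>, <br>); confirm against the real file.
    echo "[url='logout.php']logout[/url]";
    $pagcontenuto['admin_content'] = ob_get_contents();
    ob_end_clean();
} else {
    //====================================================================================
    // From here on: the administrator is NOT logged in.
    //====================================================================================
    ob_start();
    unset($_SESSION['area_administrator']);

    // Read the form fields. Non-string input (e.g. login[]=x) is treated as missing.
    // No addslashes() here: it is not a safe SQL escape (it ignores the connection
    // charset). Values are escaped for SQL at the query and for HTML at output.
    $action = (isset($_POST['action']) && is_string($_POST['action'])) ? trim($_POST['action']) : "";
    $login = (isset($_POST['login']) && is_string($_POST['login'])) ? trim($_POST['login']) : "";
    // The password keeps the original trim(addslashes()) transformation because it feeds
    // criptpass(): existing stored hashes were presumably computed from that form.
    // TODO confirm how passwords are hashed on creation, then drop addslashes().
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? trim(addslashes($_POST['password'])) : "";

    $CONFIG['check_table'] = array("action" => "check_global", "login" => "check_global", "password" => "check_global");

    /**
     * Checks that the login form was filled in.
     *
     * On a missing field it echoes an error box plus a delayed client-side redirect
     * back to this page and returns nothing; otherwise it returns the string "TRUE".
     *
     * @param string $action   submitted action (not used by the check itself)
     * @param string $login    submitted login name
     * @param string $password submitted password
     * @return string|null "TRUE" when both fields are present, null otherwise
     */
    function areaAdmin($action, $login, $password)
    {
        $login = trim((string) $login);
        $password = trim((string) $password);

        if ($login === "") {
            $errore = "Il campo login e obbligatorio";
        } elseif ($password === "") {
            $errore = "Il campo password e obbligatorio";
        } else {
            return "TRUE";
        }

        // PHP_SELF includes client-supplied PATH_INFO, so it is escaped before being
        // written into the page; quotes and '<' can no longer terminate the script string.
        $self = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES);

        echo "<div class='errorlogin'>" . $errore . "</div>";
        echo "<script type=\"text/javascript\">";
        echo "setTimeout(\"location.href='" . $self . "'\",3000)";
        echo "</script>";
        return;
    }

    if ($action == "controladmin") {
        $controlloAmministrator = areaAdmin($action, $login, $password);
        if ($controlloAmministrator !== "TRUE") {
            echo $controlloAmministrator;
        } elseif (!file_exists("../include/funzion.php")) {
            // Stop here: without the include, criptpass() is undefined and calling it
            // would end the request with a fatal error.
            echo "Il files funzioni.php non e presente";
        } else {
            include_once "../include/funzion.php";

            // NOTE(review): criptpass() is not visible here. If it is a fast or unsalted
            // hash, plan a migration to password_hash()/password_verify().
            $password = criptpass($password);

            // Escape with the connection-aware function. The mysql_* extension is removed
            // in PHP 7; the long-term fix is PDO/mysqli prepared statements, which needs the
            // connection code that lives outside this listing.
            $sql = "SELECT * FROM amministratori WHERE login='" . mysql_real_escape_string($login)
                . "' AND password ='" . mysql_real_escape_string($password)
                . "' AND enable =1 LIMIT 0,1";
            $control_administrator = mysql_query($sql);

            if ($control_administrator !== false && mysql_num_rows($control_administrator) == 1) {
                // New session id on privilege change, so an id known before login
                // cannot be reused afterwards (session fixation).
                session_regenerate_id(true);
                $_SESSION['area_administrator'] = $login;
                echo "<meta http-equiv=\"Refresh\" content=\"3; URL=index.php\">Login effettuato correttamente ";
            } else {
                // Same message for unknown user, wrong password and disabled account.
                echo "<meta http-equiv=\"Refresh\" content=\"3; URL=index.php\">Login non corretto ";
            }
        }
    }

    // Escaped once for the form's action attribute (see the note on PHP_SELF above).
    $formAction = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES);

    echo "<div class='divloginadmin'>\n";
    echo "<div class='divloginadmintitle'>\n";
    echo "Administrator";
    echo "</div>";
    echo "<table class='' style='margin:0 auto; border:none; padding-top:10px;padding-bottom:20px;' cellpadding='0' cellspacing='0' >\n";
    echo "<tr>\n";
    echo "<td></td>\n";
    echo "<td>\n";
    echo "<form name='' action='" . $formAction . "' method='post' id=''>\n";
    echo "<table class='tabinputlogin' style='margin:0 auto; border:none; width:100%;' cellpadding='3' cellspacing='0' >\n";
    echo "<tr>\n";
    echo "<td></td>\n";
    echo "<td>[b]Login:[/b]\n<input type='text' name='login' style='border: 1px solid #ddd; width:180px;'/></td>\n";
    echo "</tr>";
    echo "<tr>\n";
    echo "<td></td>\n";
    echo "<td>[b]Password:[/b]\n<input type='password' name='password' style='border: 1px solid #ddd; width:180px;' /></td>\n";
    echo "</tr>\n";
    echo "</table>\n";
    echo "<table style='margin:0 auto; border:none; width:100%;' cellpadding='3' cellspacing='0' >\n";
    echo " <tr>";
    echo "<td><input type = 'hidden' name = 'action' value='controladmin'/></td>";
    echo "<td><input type='submit' value='Accedi' name='' style='border: 1px solid #ddd; width:100px;' /></td>\n";
    echo "</tr>\n";
    echo "</table>\n";
    echo "\n";
    echo "<table class='infologin' style='margin:0 auto; border:none; width:100%;' cellpadding='3' cellspacing='0' >\n";
    echo " <tr>\n";
    echo "<td>" . $_SERVER['REMOTE_ADDR'] . "</td>\n";
    echo "</tr>\n";
    echo " <tr>\n";
    echo "<td></td>\n";
    echo "</tr>\n";
    echo "</table>\n";
    echo "</form>\n";
    echo "</td>\n";
    echo "<td></td>\n";
    echo "</tr>\n";
    echo "</table>\n";
    echo "</div>\n";

    $pagcontenuto['admin_content'] = ob_get_contents();
    ob_end_clean();
}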
Adesso dovrei aggiungere questa classe per il salvataggio delle sessioni nel database:
Codice PHP:
/*
CREATE TABLE `ws_sessions` (
`session_id` varchar(255) binary NOT NULL default '',
`session_expires` int(10) unsigned NOT NULL default '0',
`session_data` text,
PRIMARY KEY (`session_id`)
) TYPE=InnoDB;
*/
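/**
 * Session save handler that stores PHP sessions in the MySQL table `ws_sessions`
 * (columns session_id, session_expires, session_data).
 *
 * The session id arrives from the client's cookie and the session data contains
 * values taken from requests, so every value is escaped with
 * mysql_real_escape_string() before it is placed in a query.
 *
 * NOTE(review): the mysql_* extension is removed in PHP 7; on a newer runtime this
 * class has to be ported to PDO/mysqli with prepared statements.
 */
class session {
    // session lifetime in seconds
    var $lifeTime;
    // MySQL link resource used by all queries of this handler
    var $dbHandle;

    /**
     * Opens the database connection used for session storage.
     *
     * @param string $savePath session.save_path (unused)
     * @param string $sessName session name (unused)
     * @return bool true when the connection and database selection succeeded
     */
    function open($savePath, $sessName) {
        // ini_get() is used here and in close(), so a lifetime changed at runtime
        // with ini_set() is honoured in both places.
        $this->lifeTime = (int) ini_get('session.gc_maxlifetime');

        // NOTE(review): credentials are hard-coded and the account is root. Move them
        // to a configuration file outside the web root and use an account limited to
        // SELECT/INSERT/UPDATE/DELETE on ws_sessions.
        $dbHandle = @mysql_connect("localhost","root","maurizio");
        if (!$dbHandle)
            return false;
        if (!@mysql_select_db("www", $dbHandle))
            return false;

        $this->dbHandle = $dbHandle;
        return true;
    }

    /**
     * Purges expired sessions and closes the database connection.
     *
     * @return bool result of mysql_close(), or true when no connection was open
     */
    function close() {
        if (!is_resource($this->dbHandle))
            return true;
        $this->gc(ini_get('session.gc_maxlifetime'));
        return @mysql_close($this->dbHandle);
    }

    /**
     * Returns the stored data of a non-expired session.
     *
     * @param string $sessID session id (client supplied)
     * @return string serialized session data, or "" when missing, expired or on error
     */
    function read($sessID) {
        $id = mysql_real_escape_string($sessID, $this->dbHandle);
        $res = mysql_query("SELECT session_data AS d FROM ws_sessions
            WHERE session_id = '$id'
            AND session_expires > ".time(), $this->dbHandle);

        // A failed query yields false; do not pass that to mysql_fetch_assoc().
        if ($res && ($row = mysql_fetch_assoc($res)))
            return (string) $row['d'];
        return "";
    }

    /**
     * Stores the session data and pushes the expiry forward.
     *
     * @param string $sessID   session id (client supplied)
     * @param string $sessData serialized session data
     * @return bool true when the row was written
     */
    function write($sessID, $sessData) {
        $newExp = time() + (int) $this->lifeTime;
        $id = mysql_real_escape_string($sessID, $this->dbHandle);
        $data = mysql_real_escape_string($sessData, $this->dbHandle);

        // One statement instead of SELECT + UPDATE/INSERT: session_id is the primary
        // key, so REPLACE overwrites an existing row or creates a new one. Success is
        // judged by the query result, not by affected rows, because an UPDATE that
        // changes nothing reports 0 rows and used to be treated as a failure.
        $ok = mysql_query("REPLACE INTO ws_sessions (
            session_id,
            session_expires,
            session_data)
            VALUES(
            '$id',
            $newExp,
            '$data')", $this->dbHandle);

        return $ok !== false;
    }

    /**
     * Deletes a session row.
     *
     * @param string $sessID session id (client supplied)
     * @return bool true when the DELETE ran, even if no row existed
     */
    function destroy($sessID) {
        $id = mysql_real_escape_string($sessID, $this->dbHandle);
        $ok = mysql_query("DELETE FROM ws_sessions WHERE session_id = '$id'", $this->dbHandle);
        return $ok !== false;
    }

    /**
     * Deletes all expired sessions.
     *
     * @param int $sessMaxLifeTime unused: each row stores its own expiry time
     * @return int|bool number of deleted rows, or false when the query failed
     */
    function gc($sessMaxLifeTime) {
        $ok = @mysql_query("DELETE FROM ws_sessions WHERE session_expires < ".time(), $this->dbHandle);
        if ($ok === false)
            return false;
        return @mysql_affected_rows($this->dbHandle);
    }
}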
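// Register the database-backed handler. This must run BEFORE session_start(),
// so include this file at the top of every script that uses the session
// (the admin login page included).
$session = new session();
session_set_save_handler(
    array(&$session, "open"),
    array(&$session, "close"),
    array(&$session, "read"),
    array(&$session, "write"),
    array(&$session, "destroy"),
    array(&$session, "gc")
);
// With an object as handler, PHP destroys objects before it writes the session at
// shutdown; forcing the write earlier keeps write() and close() working.
register_shutdown_function('session_write_close');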
Mi date una mano, per cortesia? Grazie.