login da database e + variabile.

**luik** · 06-09-2009, 19:35

Salve, volevo creare un login che prende i dati dal database più un input type="text",
che può fare da pin. ad esempio inserico (username:luik/password

rova/pin:112) e dopo aver inserito il pin accede alla area riservata per l'admin , mi serve per un utente solo,.

Vi posto il codice:

Codice PHP:


<?php

session_start();

require_once(dirname(__FILE__) . '/../include.php');





if(isset($_POST['pass']) && isset($_POST['user']))

{

  $qry_pass = mysql_codifica($_POST['pass']);

  $qry_user = mysql_codifica($_POST['user']);



  $query = "SELECT * " .

            "FROM users " .

            "WHERE _username = '$qry_user' " .

            "AND _password = '$qry_pass' " .

            "AND _type = 'Admin' and _status='1' ";

  $results = mysql_query($query) or die (mysql_error());



  if(mysql_num_rows($results) != 0)

  {

   $row = mysql_fetch_array($results);

   $_SESSION['log'] = 1; // utente logato

   $_SESSION['username'] = $row['_username'];

   $_SESSION['user_id'] = $row["UsersId"];

   $_SESSION['role'] = $row['_type'];

   redirect("default/",0);

  }

  

}









?>





<html>

<head>

<title>Home Page</title>



<SCRIPT LANGUAGE="JavaScript">

function ver()

   {

   for (i=0; i<document.forms[0].elements.length; ++i)

      if(document.forms[0].elements[i].value == "")

         {

         alert("Inserire username e password!");

         document.forms[0].elements[i].focus();

         return false;

         }

   return true;

   }

</SCRIPT>

</head>

<body>





<form name="login" action="index.php" method="post" onSubmit="return ver();">

Username


<input name="user" type="text" size="15" maxlength="11">



Password


<input name="pass" type="password" maxlength="8">



<input type="submit" name="submit" value="Login">

</form>




</p>

</body>

</html>

**luik** · 06-09-2009, 20:35

nessuno?.

**luik** · 06-09-2009, 21:30

scusate, ma ho postato il codice vecchio , per ora uso questo:

come mai se metto
if ( $_POST['username'] != '' && $_POST['password'] != '' && $_POST["pin"] == "" )
{
}

non fai il controllo ?.

grazie.

Codice PHP:


<?php

session_start();

require_once(dirname(__FILE__) . "/../include.php");







    if (array_key_exists('_submit_check', $_POST))

    {

        if ( $_POST['username'] != '' && $_POST['password'] != '' && $_POST["pin"] == "" )

        {

            $query = mysql_query ( 'SELECT ID, Username, Active FROM users WHERE Username = "' . mysql_codifica ( $_POST['username'] ) . '" AND Password = "' . mysql_codifica ( md5($_POST['password'] ) ) . '"' );

            

            if ( mysql_num_rows($query) == 1 )

            {

                $row = mysql_fetch_assoc ( $query );

                if ( $row['Active'] == 1 )

                {

                    $_SESSION['user_id'] = $row['ID'];

                    $_SESSION['username'] = $row["Username"];

                    $_SESSION['logged_in'] = TRUE;

                    $msg = "Attendere prego ";

                    redirect("default/",5);

                }

                elseif ( $row['Active'] == 0 ) {

                    $error = 'Your membership was not activated. Please open the email that we sent and click on the activation link';

                }

                elseif ( $row['Active'] == 2 ) {

                    $error = 'You are suspended!';

                }

            }

            else {        

                $error = 'Login failed!';        

            }

        }

        else {

            $error = 'Please use both your username and password to access your account';

        }

    }

?>    <p class="text">Login</p>

    <div id="log">

<?php if(isset($error)){ echo '            <p class="error">' . $error . '</p>' . "\n";}?>

<?php    if ( isset ( $msg ) )    { echo '            <p class="msg">' . $msg . '</p>' . "\n";    } else {//if we have a mesage we don't need this form again.?>

    

    </div>



        <form class="form" action="<?php echo $_SERVER['PHP_SELF']?>" method="post">



            <input type="hidden" name="_submit_check" value="1"/> 

        

            <div style="margin-top:12px; margin-bottom:10px">

                [img]images/username.gif[/img]

                <input class="input" type="text" name="username" id="username" size="25" maxlength="40" value="" />

            </div>

            <div style="margin-bottom:6px">

                [img]images/password.gif[/img]

                <input class="input" type="password" name="password" id="password" size="25" maxlength="32" />



            </div>

                <div style="margin-bottom:6px">

                Pin

                <input class="input" type="password" name="pin" id="pin" size="25" maxlength="32" />



            </div>

            <input type="submit" name="Login" value="Login"   alt="submit" title="submit" />

            <br class="clear" />

            [url="register.php"]Register[/url]

            

        </form>

        <?php } ?>

        

    <?php mysql_close($db); ?>

**luik** · 06-09-2009, 22:06

risolto:
$pin = "20492034892";
if ( $_POST['username'] != '' && $_POST['password'] != '' && $_POST["pin"] == "".$pin."" )
{
etc..

grazie.

**r1cky`** · 06-09-2009, 22:13

Io comunque ti consiglierei di usare la funzione isset.

**luik** · 07-09-2009, 11:58

Originariamente inviato da r1cky`
Io comunque ti consiglierei di usare la funzione isset.

ok, grazie per il consiglio.

Discussione: login da database e + variabile.

Strumenti discussione

Ricerca discussione

Visualizza

login da database e + variabile.

Permessi di invio