scusate, ma ho postato il codice vecchio , per ora uso questo:
come mai se metto
if ( $_POST['username'] != '' && $_POST['password'] != '' && $_POST["pin"] == "" )
{
}
non fai il controllo ?.
grazie.
Codice PHP:
<?php
session_start();
require_once(dirname(__FILE__) . "/../include.php");
if (array_key_exists('_submit_check', $_POST))
{
if ( $_POST['username'] != '' && $_POST['password'] != '' && $_POST["pin"] == "" )
{
$query = mysql_query ( 'SELECT ID, Username, Active FROM users WHERE Username = "' . mysql_codifica ( $_POST['username'] ) . '" AND Password = "' . mysql_codifica ( md5($_POST['password'] ) ) . '"' );
if ( mysql_num_rows($query) == 1 )
{
$row = mysql_fetch_assoc ( $query );
if ( $row['Active'] == 1 )
{
$_SESSION['user_id'] = $row['ID'];
$_SESSION['username'] = $row["Username"];
$_SESSION['logged_in'] = TRUE;
$msg = "Attendere prego ";
redirect("default/",5);
}
elseif ( $row['Active'] == 0 ) {
$error = 'Your membership was not activated. Please open the email that we sent and click on the activation link';
}
elseif ( $row['Active'] == 2 ) {
$error = 'You are suspended!';
}
}
else {
$error = 'Login failed!';
}
}
else {
$error = 'Please use both your username and password to access your account';
}
}
?> <p class="text">Login</p>
<div id="log">
<?php if(isset($error)){ echo ' <p class="error">' . $error . '</p>' . "\n";}?>
<?php if ( isset ( $msg ) ) { echo ' <p class="msg">' . $msg . '</p>' . "\n"; } else {//if we have a mesage we don't need this form again.?>
</div>
<form class="form" action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
<input type="hidden" name="_submit_check" value="1"/>
<div style="margin-top:12px; margin-bottom:10px">
[img]images/username.gif[/img]
<input class="input" type="text" name="username" id="username" size="25" maxlength="40" value="" />
</div>
<div style="margin-bottom:6px">
[img]images/password.gif[/img]
<input class="input" type="password" name="password" id="password" size="25" maxlength="32" />
</div>
<div style="margin-bottom:6px">
Pin
<input class="input" type="password" name="pin" id="pin" size="25" maxlength="32" />
</div>
<input type="submit" name="Login" value="Login" alt="submit" title="submit" />
<br class="clear" />
[url="register.php"]Register[/url]
</form>
<?php } ?>
<?php mysql_close($db); ?>