<html>
<head>
<title>Maschera Login</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link rel="stylesheet" type="text/css" href="stile.css"></head>
<body>
<div id="container">
<div id="header">
<img class="logo" src="images/LogoFotografando.jpg" alt="Logo Fotografando... immagini d'autore" />
<h1>Museo della fotografia italiana</h1>
Lucca, Complesso monumentale di San Micheletto
</div>
<div id="navigation">
<a href="index.php">Home</a> |
<a href="info.php">Informazioni</a> |
<a href=" ">Eventi</a> |
<a href=" ">Collezione</a> |
<a id="activelink" href="#">Login</a> |
<a href="registrazione.php">Registrati</a>
</div>
<div id="content">
<div id="right">
<img src="images/foto1.jpg" width="200" height="190" alt="Chiostro" border="0" /><br />
<font size="1" face="arial">Chiostro: angolo di nord-ovest.</font><br /><br />
<img src="images/foto2.jpg" width="200" height="193" alt="Veduta aerea" border="0" /><br />
<font size="1" face="arial">Veduta aerea del Complesso <br />Monumentale di San Micheletto</font>
</div>
<h2>Effettua il login al sistema</h2><br /><br />
<p>Immetti nei campi specifici i tuoi dati:</p>
<?php
// Connects to your Database
mysql_connect("127.0.0.1", "root", "") or die(mysql_error());
mysql_select_db("museo2") or die(mysql_error());
//Checks if there is a login cookie
if(isset($_COOKIE['ID_my_site']))
//if there is, it logs you in and directes you to the members page
{
$username = $_COOKIE['ID_my_site'];
$pass = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT * FROM utenti WHERE username = '$username'")or die(mysql_error());
while($info = mysql_fetch_array( $check ))
{
if ($pass != $info['password'])
{
}
else
{
[B]header("Location: members.php");[/B]
}
}
}
//if the login form is submitted
if (isset($_POST['submit'])) { // if form has been submitted
// makes sure they filled it in
if(!$_POST['username'] | !$_POST['pass']) {
die('You did not fill in a required field.');
}
// checks it against the database
$check = mysql_query("SELECT * FROM utenti WHERE username = '".$_POST['username']."'")or die(mysql_error());
//Gives error if user dosen't exist
$check2 = mysql_num_rows($check);
if ($check2 == 0) {
die('That user does not exist in our database. <a href=registrazione.php>Click Here to Register</a>');
}
while($info = mysql_fetch_array( $check ))
{
$_POST['pass'] = stripslashes($_POST['pass']);
$info['password'] = stripslashes($info['password']);
$_POST['pass'] = md5($_POST['pass']);
//gives error if the password is wrong
if ($_POST['pass'] != $info['password']) {
die('Incorrect password, please try again.');
}
else
{
// if login is ok then we add a cookie
$_POST['username'] = stripslashes($_POST['username']);
$hour = time() + 3600;
[B]setcookie('ID_my_site', $_POST['username'], $hour);
setcookie('Key_my_site', $_POST['pass'], $hour);[/B]
//then redirect them to the members area
[B]header("Location: members.php");[/B]
}
}
}
else
{
// if they are not logged in
?>
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
<table border="0">
<tr><td colspan=2><h1>Login</h1></td></tr>
<tr><td>Username:</td><td>
<input type="text" name="username" maxlength="40">
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="pass" maxlength="50">
</td></tr>
<tr><td colspan="2" align="right">
<input type="submit" name="submit" value="Login">
</td></tr>
</table>
</form>
<?php
}
?>
</div>
<div id="footer">© 2007 - Sito Web realizzato da xxx</div>
</div>
</body>
</html>