ciao a tutti!!!
io ho questo codice per eseguire un semplice login
vorrei sapere se si può implementare del codice per avere un login più sicuro
grazie
io ho questo codice per eseguire un semplice login
Codice:
<?php require_once('Connections/login.php'); ?>
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
session_start();
}
$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
$_SESSION['PrevUrl'] = $_GET['accesscheck'];
}
if (isset($_POST['username'])) {
$loginUsername=$_POST['username'];
$password=$_POST['password'];
$MM_fldUserAuthorization = "";
$MM_redirectLoginSuccess = "benvenuto.html";
$MM_redirectLoginFailed = "error.html";
$MM_redirecttoReferrer = false;
mysql_select_db($database_login, $login);
$LoginRS__query=sprintf("SELECT username, password FROM users WHERE username='%s' AND password='%s'",
get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password : addslashes($password));
$LoginRS = mysql_query($LoginRS__query, $login) or die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);
if ($loginFoundUser) {
$loginStrGroup = "";
//declare two session variables and assign them
$_SESSION['MM_Username'] = $loginUsername;
$_SESSION['MM_UserGroup'] = $loginStrGroup;
if (isset($_SESSION['PrevUrl']) && false) {
$MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
}
header("Location: " . $MM_redirectLoginSuccess );
}
else {
header("Location: ". $MM_redirectLoginFailed );
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Documento senza titolo</title>
</head>
<body>
<div align="center">
<form name="form1" method="POST" action="<?php echo $loginFormAction; ?>">
<table width="400" border="0" cellspacing="0" cellpadding="3">
<tr>
<td width="100">Username:</td>
<td><input name="username" type="text" id="username"></td>
</tr>
<tr>
<td width="100">Password:</td>
<td><input name="password" type="password" id="password"></td>
</tr>
<tr>
<td width="100"> </td>
<td><input type="submit" name="Submit" value="Submit"></td>
</tr>
</table>
</form>
</div>
</body>
</html>
vorrei sapere se si può implementare del codice per avere un login più sicuro
grazie