<?php
session_start();
error_reporting (0);
ini_set('display_error', '0');
include("edizione.php");
?>
<html>
<head>
<link href="css/style.css" rel="stylesheet" type="text/css">
</head>
<body marginheight="0" marginwidth="0">
<?php
$id = $_SESSION['id'];
$avatar = $_SESSION['avatar'];
$password = $_SESSION['password']= trim($_POST['password']);
$nome = $_SESSION['nome'] = trim($_POST['nome']);
$DB_tabella = "utenti";
$DB_connessione = mysql_connect($DB_host,$DB_user,$DB_password) or die("Connessione DB fallita");
mysql_select_db($DB_name,$DB_connessione) or die("Selezione DB fallita");
if ($nome != "" || $password != ""){
$criptata = md5($password);
$query = "SELECT * FROM $DB_tabella WHERE nome = '$nome' AND pass = '$criptata'";
$result = mysql_query($query, $DB_connessione) or die('Errore...pannello di controllo');
$righe = mysql_num_rows($result);
if ($righe > 0){
while($resrow = mysql_fetch_row($result))
{
$USER_nome = addslashes($resrow[1]);
$USER_avatar = addslashes($resrow[3]);
?>
<form name='commenta' method='post' action='commento.php'>
<div class="messaggio">Benvenuto <?php echo $USER_nome; ?>!</div>
<div class="cella1">
<input readonly='readonly' name='nome' style="text-align:center" class="news_sottotesto" value='<?php echo $_SESSION['nome']; ?>' />
<img class="avatar" src="<?php echo $USER_avatar; ?>" />
</div>
<div rowspan ="2" class="cella2">
<textarea style=" margin:inherit" name="mex" class="casella">Lascia un commento...</textarea>
<input type='text' style='display: none' name='data' readonly='readonly' value='<?php echo date("y/m/d");?>'>
<input type='text' style='display: none' name='ora' readonly='readonly' value='<?php echo date("H:i");?>'>
</div>
<div class="cella3">
<input class="bottone" type='submit' name='accedi' value='Invia!'>
<input class="bottone" type='reset' name='cancella' value='Cancella'>
</div>
</form>
<?php
}
} else {
?>
<form name='commenta' method='post' action='index.php'>
<div class="messaggio">Effettua il login per inserire un commento</div>
<div class="cella4">
<div class="cella5">Username: </div>
<div><input type="text" name="nome" style="width:123px;"></div>
<div class="cella5">Password: </div>
<div><input type="password" name="password" style="width:123px;"></div><br>
<div class="cella7"><input type='submit' class="bottone" name='accedi' value='Invia!'></div>
</div>
<div class="cella6">
<span>Nuovo utente? <br /><a class="link_white" href="registrati.php">Registrati</a></span>
<span class="msg">Nome utente o password errati</span>
</div>
</form>
<?php
}
} else {
?>
<form name='commenta' method='post' action='index.php'>
<div class="messaggio">Effettua il login per inserire un commento</div>
<div class="cella4">
<div class="cella5">Username: </div>
<div><input type="text" name="nome" style="width:123px;"></div>
<div class="cella5">Password: </div>
<div><input type="password" name="password" style="width:123px;"></div><br>
<div class="cella7"><input type='submit' class="bottone" name='accedi' value='Invia!'></div>
</div>
<div class="cella6">Nuovo utente? <br /><a class="link_white" href="registrati.php">Registrati</a></div>
</form>
<?php
}
?>
</body>
</html>