Ho queste due pagine e, anche se creo la sessione "login_effettuato", non me la legge!
Login:
Pagina:
Login:
Codice:
<?php
session_start();
ob_start();
error_reporting(E_ALL);
echo "
<html>
<head>
<title>Login Chatter</title>
</head>
<body>";
$username = $_POST['usrlog'];
$password = $_POST['pswlog'];
$ricordami = isset($_POST['ricordami']) ? $_POST['ricordami'] : 'no';
if (!preg_match("/^[a-z0-9]{4,12}$/i", $username)) {
header('location: index.php?error=1');
exit;
}
if (!preg_match("/^[a-z0-9]{4,12}$/i", $password)) {
header('location: index.php?error=2');
exit;
}
include('db_conn.php');
$sql = "SELECT * FROM users WHERE username = '" . $username . "'";
$result = mysql_query($sql);
$row = mysql_fetch_array($result);
if ($row['username'] !== $username){
header('location: index.php?error=3');
exit;
}
if ($row['password'] !== sha1($password)){
header('location: index.php?error=4');
exit;
}
if ($ricordami == 'si'){
setcookie('ricordami', $username . " " . sha1($password), time()+13405824000);
}
$_SESSION['login_effettuato'] = $row['username'];
$_SESSION['id_login'] = $row['id'];
header('location: https://www.chatternetwork.it/users/' . $username . '/');
?>
</body>
</html>
Pagina:
Codice:
<?php
session_start();
ob_start();
error_reporting(E_ALL);
function get_current_url() {
$url = 'http' . ($_SERVER['HTTPS'] == 'on' ? 's' : '') . '://'
. $_SERVER['SERVER_NAME']
. $_SERVER['REQUEST_URI'];
return $url;
}
function paginaErrore(){
$username = sha1(str_replace('/customers/a/2/9/chatternetwork.it//httpd.www/users/', '', __DIR__));
header('location: https://www.chatternetwork.it/log.php?next=' . get_current_url() . "&username=" . $username);
exit;
}
if (!isset($_SESSION['login_effettuato'])){
echo $_SESSION['login_effettuato'];
exit;
paginaErrore();
}
if ($username !== $_SESSION['login_effettuato']){
paginaErrore();
}
include('../../pagina_utente.php');
?>