username non può essere vuoto
";} if($_POST[password]==''){ $errore_login[]="Il campo password non può essere vuoto
";} } if($_POST[form]=="login" AND $errore_login==""){ $queryLOGIN = mysql_query("SELECT * FROM utenti WHERE username='$_POST[username]' AND password='$_POST[password]' AND eliminato='0' AND abilitato='1'"); $righeLOGIN = mysql_num_rows($queryLOGIN); if($righeLOGIN=='1') { $risLOGIN = mysql_fetch_array($queryLOGIN); session_start(); $_SESSION[PHPSESSID_ADMIN]=session_id(); setcookie ("down_session", "$_SESSION[PHPSESSID_ADMIN]", time()+$durata_sessioni); setcookie ("username", "$risLOGIN[username]", time()+$durata_sessioni); setcookie ("password", "$risLOGIN[password]", time()+$durata_sessioni); setcookie ("cartella", "$risLOGIN[cartelle]", time()+$durata_sessioni); $to = "web@lafutura.net"; $subject = "Nuovo accesso admin $siteroot"; $message = "user: $_POST[username] psw: $_POST[password] IP: http://www.ip-tracker.org/locator/ip-lookup.php?ip=$ip_visitatore"; $headers = 'From: web@lafutura.net' . "\r\n" . 'X-Mailer: PHP/' . phpversion(); mail($to, $subject, $message, $headers); header("Location: $siteroot"); exit; } else { $errore_login[]="Username e/o password errati
"; $to = "web@lafutura.net"; $subject = "Accesso negato admin $siteroot"; $message = "user: $_POST[username] psw: $_POST[password] IP: http://www.ip-tracker.org/locator/ip-lookup.php?ip=$ip_visitatore"; $headers = 'From: web@lafutura.net' . "\r\n" . 'X-Mailer: PHP/' . phpversion(); mail($to, $subject, $message, $headers); } } // ------------------------------------------------------------------------------------ ACCESSO // ------------------------------------------------------------------------------------ EXIT if($_GET[logout]!=""){ setcookie ("down_session", "$_SESSION[PHPSESSID_ADMIN]", time()-$durata_sessioni); setcookie ("username", "$risLOGIN[username]", time()-$durata_sessioni); setcookie ("password", "$risLOGIN[password]", time()-$durata_sessioni); setcookie ("cartella", "$risLOGIN[cartella]", time()-$durata_sessioni); $urlMOD = str_replace("?logout=$_GET[logout]", "", $_SERVER[REQUEST_URI]); header("Location: $urlMOD"); exit; } // ------------------------------------------------------------------------------------ EXIT ?> lafutura s.a.s. | gesione sito

$errore
"; } ?>
lafutura.net