Initial commit
commit
95aa4f43f4
5 changed files with 163 additions and 0 deletions
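--- a/dashboard.php
+++ b/dashboard.php
@@ -0,0 +1,25 @@
+<?php
+
+include 'globals.php';
+
+if (!isset($_SESSION['cliente'])) {
+header('Location: login.php');
+}
+?>
+<!DOCTYPE html>
+<html>
+<head>
+<meta charset="UTF-8">
+<title>Negozio Virtuale</title>
+</head>
+<body>
+<h1> Negozio online: Servizi </h1>
+<h3> Benvenuto, <?php echo $_SESSION['cliente']; ?> !</h3>
+<ol>
+<li><a href=""> Gestisci il tuo profilo </a></li>
+<li><a href=""> Segui i tuoi ordini </a></li>
+<li><a href=""> Accedi al carrello </a></li>
+<li><a href="logout.php"> Disconnetti </a></li>
+</ol>
+</body>
+</html>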
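Review bot: The redirect inside `if (!isset($_SESSION['cliente']))` is not followed by `die();`, so PHP keeps executing and the whole dashboard is still sent to any client that ignores the `Location` header; login.php and register.php in this commit do stop after their redirects. Add `die();` directly after `header('Location: login.php');`. The greeting also echoes `$_SESSION['cliente']` unescaped, and that value is the username chosen at registration, so it should be written as `<?php echo htmlspecialchars($_SESSION['cliente'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>`.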
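--- a/globals.php
+++ b/globals.php
@@ -0,0 +1,13 @@
+<?php
+
+define('DB_HOST', 'localhost');
+define('DB_USER', 'root');
+define('DB_PASS', 'password');
+define('DB_NAME', 'negozio_online');
+
+session_start();
+
+//ignora sotto
+ini_set('display_errors', 1);
+ini_set('display_startup_errors', 1);
+error_reporting(E_ALL);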
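Review bot: `define('DB_USER', 'root')` and `define('DB_PASS', 'password')` commit a database superuser credential to version control, where it remains in history even if a later commit changes it. Read the values from the environment or an untracked config file instead (for example `define('DB_PASS', getenv('DB_PASS'));`) and give the application its own MySQL account limited to the `negozio_online` schema. The `ini_set('display_errors', 1)` lines under `//ignora sotto` are included by every page, so warnings, file paths and query fragments would be shown to visitors; gate them on a development-only flag. `session_start()` also runs with default cookie settings, and passing `['cookie_httponly' => true, 'cookie_samesite' => 'Lax']` would be cheap hardening.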
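--- a/login.php
+++ b/login.php
@@ -0,0 +1,52 @@
+<?php
+
+include 'globals.php';
+
+if (isset($_SESSION['cliente'])) {
+header('Location: dashboard.php');
+die();
+}
+
+if (isset($_POST['submit'])) {
+$conn = @mysqli_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME) or die(mysqli_connect_error());
+
+$usr=$_POST['name'];
+$psw=$_POST['password'];
+
+$query = "SELECT * FROM clienti WHERE Username='$usr' AND Password='$psw'";
+$ris = @mysqli_query($conn, $query) or die("Errore!!");
+if (@mysqli_num_rows($ris) == 1) {
+$riga = mysqli_fetch_array($ris, MYSQLI_ASSOC);
+if ($riga['Tok'] !== 'valido') {
+$msg = 'Validazione mail non effettuata';
+} else {
+$_SESSION['cliente'] = $riga['Username'];
+header('Location: dashboard.php');
+die();
+}
+} else {
+$msg = 'Accesso negato!';
+}
+}
+?>
+<!DOCTYPE html>
+<html>
+<head>
+<meta charset="UTF-8">
+<meta name="description" content="Negozio virtuale">
+<meta name="keywords" content="php.server">
+<title>Negozio Virtuale</title>
+</head>
+<body>
+<h1>Login</h1>
+<a href="./register.php">Registrati</a>
+<?php if (isset($msg)) {
+echo "<p>$msg</p>";
+} ?>
+<form action="login.php" method="post">
+<input type="text" name="name" size="50" maxlength="50" placeholder="username" accesskey="U" tabindex="1"/><br/>
+<input type="password" name="password" placeholder="password" size="50" maxlength="50" accesskey="U" tabindex="1"/><br/>
+<input type="submit" class="submit" name="submit" value="Accedi" />
+</form>
+</body>
+</html>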
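Review bot: The `$query = "SELECT * FROM clienti WHERE Username='$usr' AND Password='$psw'"` line interpolates `$_POST['name']` and `$_POST['password']` directly into SQL, so the submitted values can change the meaning of the login check, and comparing the password inside the query implies it is stored in clear text. Select the row by username through a prepared statement and verify the password with `password_verify()`; this assumes the `Password` column holds `password_hash()` output, which register.php in this commit does not yet write. Calling `session_regenerate_id(true)` before setting `$_SESSION['cliente']` stops a pre-login session id from carrying over into the authenticated session. The `@` prefixes together with `die(mysqli_connect_error())` hide failures from the error log while showing connection details to the visitor; log the error and print a generic message instead.

```php
// … unchanged: globals include, already-logged-in redirect, mysqli_connect …
$stmt = mysqli_prepare($conn, 'SELECT Username, Password, Tok FROM clienti WHERE Username = ?');
mysqli_stmt_bind_param($stmt, 's', $_POST['name']);
mysqli_stmt_execute($stmt);
$riga = mysqli_fetch_assoc(mysqli_stmt_get_result($stmt));

if (!$riga || !password_verify($_POST['password'], $riga['Password'])) {
    $msg = 'Accesso negato!';
} elseif ($riga['Tok'] !== 'valido') {
    $msg = 'Validazione mail non effettuata';
} else {
    session_regenerate_id(true);
    // … unchanged: set $_SESSION['cliente'], redirect to dashboard.php, die() …
}
```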
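--- a/logout.php
+++ b/logout.php
@@ -0,0 +1,4 @@
+<?php
+session_start();
+session_destroy();
+header('Location: login.php');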
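Review bot: `session_destroy()` removes the server-side data but leaves `$_SESSION` populated for the rest of the request and the session cookie in the browser, and nothing stops execution after the redirect. Consider `$_SESSION = [];` before `session_destroy();`, expiring the cookie with `setcookie(session_name(), '', time() - 3600, '/');`, and ending with `exit;`. The file also calls `session_start()` itself instead of including globals.php like the other pages, so any session settings added there later would not apply here.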
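--- a/register.php
+++ b/register.php
@@ -0,0 +1,69 @@
+<?php
+
+include 'globals.php';
+
+if (isset($_SESSION['cliente'])) {
+header('Location: dashboard.php');
+die();
+} else {
+$conn = @mysqli_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME) or die(mysqli_connect_error());
+}
+
+if (isset($_GET['tok']) && isset($_GET['user'])) {
+$query = 'SELECT * FROM `clienti` WHERE Username=\''.$_GET['user'].'\' AND Tok=\''.$_GET['tok'].'\'';
+$ris = @mysqli_query($conn, $query) or die('Errore');
+if (mysqli_num_rows($ris) != 1) {
+$msg = 'Validazione mail non valida';
+} else {
+$query = 'UPDATE `clienti` SET Tok=\'valido\' WHERE Username=\''.$_GET['user'].'\' AND Tok=\''.$_GET['tok'].'\'';
+$ris = @mysqli_query($conn, $query) or die('Errore');
+header('Location: login.php');
+die();
+}
+}
+
+if (isset($_POST['register'])) {
+$usr=$_POST['name'];
+$psw=$_POST['password'];
+$email=$_POST['email'];
+
+$query = "SELECT * FROM `clienti` WHERE Username='$usr' OR Email='$email'";
+$ris = @mysqli_query($conn, $query) or die('Errore');
+if (mysqli_num_rows($ris) > 0) {
+$msg = 'Utente già registrato';
+} else {
+$tok = bin2hex(random_bytes(15));
+$query = "INSERT INTO `clienti` (`Username`, `Password`, `Email`, `Tok`) VALUES ('$usr','$psw','$email','$tok')";
+$ris = @mysqli_query($conn, $query) or die('Errore');
+
+$message = "Benvenuto!\r\nPer registrarti, vai al link:\r\n\r\nhttp://"
+.'phpinfo.localhost/sito/register.php?tok='.htmlspecialchars($tok)
+.'&user='.htmlspecialchars($usr);
+mail($email, 'Registrati', $message);
+
+header('Location: login.php');
+die();
+}
+} ?>
+<!DOCTYPE html>
+<html>
+<head>
+<meta charset="UTF-8">
+<meta name="description" content="Negozio virtuale">
+<meta name="keywords" content="php.server">
+<title>Negozio Virtuale</title>
+</head>
+<body>
+<h1>Registrati</h1>
+<a href="./login.php">Login</a>
+<?php if (isset($msg)) {
+echo "<p>$msg</p>";
+} ?>
+<form action="register.php" method="post">
+<input type="text" name="name" placeholder="username"/><br/>
+<input type="password" name="password" placeholder="password"/><br/>
+<input type="email" name="email" placeholder="indirizzo email"/><br/>
+<input type="submit" class="submit" name="register" value="Registrati" />
+</form>
+</body>
+</html>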
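Review bot: Every query in this file is built by concatenating request data — `$_GET['user']` and `$_GET['tok']` in the confirmation SELECT and UPDATE, `$usr`, `$psw` and `$email` in the duplicate check and the INSERT — so all four statements need bound parameters. The INSERT also stores `$psw` exactly as submitted; hash it with `password_hash($psw, PASSWORD_DEFAULT)` before it reaches the database, and make sure the `Password` column is wide enough for the hash. In the mail body `htmlspecialchars()` is the wrong encoder for a URL in a plain-text message; `rawurlencode()` keeps `tok` and `user` intact as query parameters. `isset($_POST['register'])` does not guarantee that `name`, `password` and `email` are present, so check them before use.

```php
// … unchanged: session check, connection; the token-confirmation branch needs the same bound-parameter treatment …
$stmt = mysqli_prepare($conn, 'SELECT 1 FROM `clienti` WHERE Username = ? OR Email = ?');
mysqli_stmt_bind_param($stmt, 'ss', $usr, $email);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);

if (mysqli_stmt_num_rows($stmt) > 0) {
    $msg = 'Utente già registrato';
} else {
    $tok = bin2hex(random_bytes(15));
    $hash = password_hash($psw, PASSWORD_DEFAULT);
    $stmt = mysqli_prepare(
        $conn,
        'INSERT INTO `clienti` (`Username`, `Password`, `Email`, `Tok`) VALUES (?, ?, ?, ?)'
    );
    mysqli_stmt_bind_param($stmt, 'ssss', $usr, $hash, $email, $tok);
    mysqli_stmt_execute($stmt);
    // … unchanged: build the confirmation link (rawurlencode() for tok and user), mail(), redirect …
}
```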