- Home
- Categorie
- Coding e Sistemistica
- PHP
- accesso utente
-
accesso utente
salve non riesco a capire perchè se un utente non registrato prova a effettuare l'accesso da pagina bianca come posso risolvere? chiedo aiuto posto i codici
<form method="post" action="app/http/auth.php"> <div class="d-flex justify-content-center align-items-center flex-column"> <h3 class="display-4 fs-1 text-center"> </h3> </div> <?php if (isset($_GET['error'])) { ?> <div class="alert alert-warning" role="alert"> <?php echo htmlspecialchars($_GET['error']);?> </div> <?php } ?> <?php if (isset($_GET['success'])) { ?> <div class="alert alert-success" role="alert"> <?php echo htmlspecialchars($_GET['success']);?> </div> <?php } ?> <div class="mb-3"> <label class="form-label"> Nome utente</label> <input type="text" class="form-login" name="username"> </div> <div class="mb-3"> <label class="form-label"> Password</label> <input type="password" class="form-login" name="password"> </div> <button type="submit" class="btn btn-outline-secondary"> Accedi</button> <a class="btn btn-outline-secondary" href="signup.php" role="button">Registrati</a> <hr> <br> <a class="btn btn-outline-secondary" href="recupero.php" role="button">Password dimenticata?</a> </form> ---------------------------------------------- <?php session_start(); # check if username & password submitted if(isset($_POST['username']) && isset($_POST['password'])){ # database connection file include '../db.conn.php'; # get data from POST request and store them in var $password = $_POST['password']; $username = $_POST['username']; $data = "username=".$username; #simple form Validation if(empty($username)){ # error message $em = "inserisci il nome utente"; # redirect to 'index.php' and passing error message header("Location: ../../index.php?error=$em&$data"); }else if(empty($password)){ # error message $em = "inserisci la password"; # redirect to 'index.php' and passing error message header("Location: ../../index.php?error=$em&$data"); }else { $sql = "SELECT * FROM users WHERE username=?"; $stmt = $conn->prepare($sql); $stmt->execute([$username]); # if the username is exist if($stmt->rowCount() === 1){ # fetching user data $user = $stmt->fetch(); # if both username's are strictly equal if ($user['username'] === $username) { # verifying the encrypted password if (password_verify($password, $user['password'])) { # successfully logged in # creating the SESSION $_SESSION['username'] = $user['username']; $_SESSION['name'] = $user['name']; $_SESSION['user_id'] = $user['user_id']; # redirect to 'home.php' header("Location: ../../home.php"); }else { # error message $em = "Nome utente o password errati"; # redirect to 'index.php' and passing error message header("Location: ../../index.php?error=$em&$data"); } }else { # error message $em = "Nome utente o password errati"; # redirect to 'index.php' and passing error message header("Location: ../../index.php?error=$em&$data"); } } } }else { header("Location: ../../index.php"); exit; }
-
Buongiorno sono riuscito a risolvere certo non è un gran che ma va bene e funziona
posto il codice<?php session_start(); include('../db.conn.php'); if (isset($_POST['username'])) { $username = $_POST['username']; $password = $_POST['password']; $query = $conn->prepare("SELECT * FROM users WHERE username=:username"); $query->bindParam("username", $username, PDO::PARAM_STR); $query->execute(); $result = $query->fetch(PDO::FETCH_ASSOC); if (!$result) { $em = "Il nome utente non risulta registrato!"; header("Location: ../../index.php?error=$em"); } else { if (password_verify($password, $result['password'])) { $_SESSION['user_id'] = $result['user_id']; $_SESSION['username'] = $result['username']; $_SESSION['name'] = $result['name']; header("Location: ../../home.php"); echo '<p class="success">Accesso eseguito con successo!</p>'; } else { $em = "Nome utente o password errata!"; header("Location: ../../index.php?error=$em"); } } } ?>