function comprobar_usuario_conectado() { if (!usuario_conectado()) { header("Location: ../socios/login.php"); return; } else { $socio_id = $_SESSION['socio_id']; $res = pg_query_params("select nombre\n from socios\n where id = \$1", array($socio_id)); if (pg_num_rows($res) == 0) { header("Location: ../socios/login.php"); return; } else { $fila = pg_fetch_assoc($res, 0); $nombre = $fila['nombre']; ?> <p align="right"> Usuario: <strong><?php echo $nombre; ?> </strong> <a href="../socios/logout.php"> <input type="button" value="Salir" /> </a> </p> <hr/><?php } } }
<?php session_start(); ?> <!DOCTYPE html> <html> <head> <title>Videoclub</title> <meta charset="utf-8" /> </head> <body><?php require '../comunes/auxiliar.php'; if (usuario_conectado()) { header("Location: ../alquileres/index.php"); return; } if (isset($_POST['numero'], $_POST['password'])) { $numero = trim($_POST['numero']); $password = trim($_POST['password']); conectar(); $res = pg_query_params("select id\n from socios\n where numero = \$1 and\n password = md5(\$2)", array($numero, $password)); if (pg_num_rows($res) > 0) { $fila = pg_fetch_assoc($res, 0); $id = (int) $fila['id']; $_SESSION['socio_id'] = $id; $_SESSION['socio_numero'] = $numero; header("Location: ../alquileres/index.php"); return; } else { ?> <h3>Error: usuario incorrecto</h3><?php