コード例 #1
ファイル: index.php プロジェクト: 4l3o/front-end-negozio
<?php

// Bootstrap order matters: configuration is loaded once, then the
// authentication helpers. rememberMe() and Login() are not defined in this
// file, so they are expected to come from these includes.
require_once 'config.php';
require 'autenticazione.php';

// Runs on every request, before any markup is emitted.
// NOTE(review): presumably restores a session from a persistent-login
// cookie; confirm in autenticazione.php, since anything it sets via
// headers has to happen before the HTML below.
rememberMe();

// $error starts empty and is only replaced by whatever Login() returns.
// It is passed as a variable (not a literal) exactly as before, in case
// Login() takes its argument by reference.
$error = '';

// Only a POST is treated as a login attempt; any other method just renders
// the form.
// NOTE(review): no anti-CSRF token or attempt throttling is visible in this
// file; confirm that Login() covers both.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $error = Login($error);
}
?>

<!DOCTYPE html>
<html>
	<head>
		<meta charset="utf-8">
		<meta name="author" content="Bachechi Andrea">
		<meta name="description" content="applicazione per la gestione di un magazzino">
		<link rel="stylesheet" type="text/css" href="ElemStyle.css">
		<link rel="stylesheet" type="text/css" href="logStyle.css">
		<title>Magazzino</title>
	</head>
	<body>
		<div class="loginBox">
		<h2>Login</h2>
		<form id="autenticazione" action="<?php 
echo htmlspecialchars($_SERVER['PHP_SELF']);
?>
" method="post">
			<label for="usr">Username:</label>
			<input type="text" name="usr" id="usr" required >
			<label for="pwd">Password:</label>
コード例 #2
    $username = strip_tags($_POST['login_username']);
    //hash the entered password for comparison with the db
    $password = hash("sha256", $_POST['login_password']);
    //Check for a record that matches the POSTed credentials
    $query = "SELECT * FROM users WHERE username = '******' AND password = '******';";
    $result = $mysqli->query($query);
    $user = mysqli_fetch_assoc($result);
    if ($result && $result->num_rows == 1 && $user['active'] == 1) {
        $_SESSION['user'] = $_POST['login_username'];
        if (isset($_POST['stay-logged']) || isset($_POST['stay-logged-full'])) {
            onLogin($result['id']);
        }
    }
    mysqli_query($mysqli, "INSERT INTO session_history VALUES ({$result['id']}, 'login', '{$timestamp}')");
}
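// Persistent-login path. rememberMe() is defined elsewhere; this code only
// relies on it returning something falsy when no user is remembered and a
// user id otherwise.
$remembered = rememberMe();

// Keep an $account that an earlier part of the script may already have
// loaded, but make sure the variable exists so the checks below do not read
// an undefined variable.
$account = $account ?? null;

// Looks up one row of `users` through a prepared statement and returns it as
// an associative array, or null when the statement fails or matches nothing.
// Values are bound, never interpolated: the session values used below come
// from request data (the login branch above stores $_POST['login_username']
// unmodified in $_SESSION['user']), so building the WHERE clause as a string
// is a second-order SQL injection.
$fetchAccount = static function (mysqli $db, string $sql, string $type, $value): ?array {
    $stmt = $db->prepare($sql);
    if ($stmt === false) {
        return null;
    }

    $stmt->bind_param($type, $value);

    $row = null;
    if ($stmt->execute()) {
        $rows = $stmt->get_result();
        if ($rows !== false) {
            // fetch_assoc() yields null/false when there is no row.
            $row = $rows->fetch_assoc() ?: null;
        }
    }
    $stmt->close();

    return $row;
};

if ($remembered) {
    // The id is only accepted when it is a clean integer; anything else is
    // treated as "no such account" instead of reaching the database.
    $rememberedId = is_bool($remembered) ? false : filter_var($remembered, FILTER_VALIDATE_INT);
    $account = $rememberedId === false
        ? null
        : $fetchAccount($mysqli, 'SELECT * FROM users WHERE id = ?', 'i', $rememberedId);

    // Populate the session only from a row that was actually found, so a
    // stale or forged remember-me id cannot leave null identity values in it.
    if (is_array($account)) {
        $_SESSION['user'] = $account['username'];
        $_SESSION['fbId'] = $account['fb_id'];
    }
}

if ($loggedIn) {
    // Both flags are booleans ("is this session key present?"), as before.
    $fb = isset($_SESSION['fbId']);
    $user = isset($_SESSION['user']);

    // The column name comes from a fixed two-value choice, never from input;
    // the value itself is bound as a parameter.
    // NOTE(review): the username branch of the original string was masked in
    // the listing ('******'); it is read here as a lookup on
    // $_SESSION['user']. Confirm against the real file. $accountQuery now
    // holds a parameterised statement, so any later code that passes it
    // straight to query() needs the same prepare/bind treatment.
    $lookupColumn = $fb ? 'fb_id' : 'username';
    $accountQuery = "SELECT * FROM users WHERE {$lookupColumn} = ?";

    if (!$account) {
        $lookupValue = $fb ? $_SESSION['fbId'] : ($_SESSION['user'] ?? null);
        $account = is_scalar($lookupValue)
            ? $fetchAccount($mysqli, $accountQuery, 's', (string) $lookupValue)
            : null;
    }
}

// Admin status is tied to one hard-coded row id (21). The is_array() guard
// keeps a failed lookup from being indexed as if it were a row.
// NOTE(review): deriving privilege from a magic id is fragile; a role or flag
// column checked server-side would be easier to audit.
$admin = $loggedIn && is_array($account) && (int) $account['id'] === 21;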