define( "DATABASE", $database_connectDb );
define( "EXPIRE", 14400 );
define( "COOKIE_NAME", "private_".DATABASE );
define( "COOKIE_NAME_PRIVATE", "private_".DATABASE."_registered" );
if($action=="logout"){
setcookie(COOKIE_NAME, '', time() - 3600, '/');
setcookie(COOKIE_NAME_PRIVATE, '', time() - 3600, '/');
header ("Location: ".getUrl(array("action"),$currentPage,0));
exit;
}
//Utenti Registrati
$tabella="utente";
$formNm="login";
$cookieName=COOKIE_NAME;
$isLogged = getIsLogged($tabella, $formNm, $cookieName);
$formNm="login_top";
$isLogged = getIsLogged($tabella, $formNm, $cookieName);
if($isLogged){
$tmp=split("-", $_COOKIE[$cookieName]);
$idLogged = loadFromDbSimple("id",$tabella,"utente='".$tmp[0]."'","");
$nameLogged = getNmLogged($tabella, $idLogged);
}
//Utenti Area Privata
$tabella="utente_privato";
$formNm="login_area_privata";
$cookieName=COOKIE_NAME_PRIVATE;
$isLoggedPrivate = getIsLogged($tabella, $formNm, $cookieName);
if($isLoggedPrivate){
$tmp=split("-", $_COOKIE[$cookieName]);
$idLoggedPrivate = loadFromDbSimple("id",$tabella,"utente='".$tmp[0]."'","");
$nameLogged = getNmLogged($tabella, $idLoggedPrivate);
}
function getNmLogged($tabella, $idLogged) {
$tmp=getCampoNome($tabella);
$isCognome=($tmp=="cognome");
if($isCognome) $tmp.=",nome";
loadFromDbSimple($tmp,$tabella,"id='".$idLogged."'","tmp");
if($isCognome) {
global $tmp_cognome;
global $tmp_nome;
$nameLogged=$tmp_cognome." ".$tmp_nome;
}
else {
global ${"tmp_".$tmp};
$nameLogged=${"tmp_".$tmp};
}
return $nameLogged;
}
function getIsLogged($tabella, $formNm, $cookieName) {
$cookie_var = split("-", $_COOKIE[$cookieName]);
$utente = $cookie_var[0];
$password = $cookie_var[1];
$result = "select password, 1 as auth from ".$tabella." where utente='".$utente."' and password='".$password."' and is_attivo=1";
$row = mysql_fetch_array(mysql_db_query( DATABASE, $result ));
$isLogged = ($row[auth]);
if(!$isLogged) $isLogged = checkCookie($tabella, $cookieName);
return $isLogged;
}
function checkCookie($tabella, $cookieName){
if (isset($_POST['utente'])){
$utente=$_POST['utente'];
$password=$_POST['password'];
return AuthenticateUser ( $utente, $password, $tabella, $cookieName );
}
}
function GenerateSecret($utente, $encrypted_password, $tabella, $cookieName) {
$cookie_val = "$utente-$encrypted_password";
setcookie($cookieName, $cookie_val, time()+EXPIRE, '/');
$data = date('YmdHi');
$query = "update ".$tabella." set data_ultimo_accesso='".$data."' where utente='".$utente."' and password='".$encrypted_password."' and is_attivo=1";
mysql_db_query( DATABASE, $query );
global $currentPage;
header ("Location: ".getUrl(array("action"),$currentPage,0));
exit;
}
function AuthenticateUser($utente, $password, $tabella, $cookieName) {
$appoggio=md5("$password"."$utente");
$utente=strip_tags(trim($utente));
$utente = ereg_replace('=', '', $utente);
$utente = ereg_replace(' or', ' ', $utente);
$utente = ereg_replace('or ', ' ', $utente);
$utente = ereg_replace('and ', ' ', $utente);
$utente = ereg_replace(' and', ' ', $utente);
$utente = ereg_replace(' ', '', $utente);
$arg = "select password, 1 as auth from ".$tabella." where utente='".$utente."' and password='".$appoggio."' and is_attivo=1";
$row = mysql_fetch_array(mysql_db_query( DATABASE, $arg ));
if ($row[auth]) GenerateSecret( $utente, $row[password], $tabella, $cookieName );
return $row[auth];
}
?>
Apri la tua Agenzia
LEADER IN SARDEGNA
Prenota i tuoi viaggi al miglior prezzo e le migliori vacanze con Sardiniacollection.
Pacchetti Vacanza, Viaggi di Nozze, Business Travel, Trasferimenti in tutta la Sardegna.