// we must never forget to start the session
session_start();
$errorMessage = '';
if (isset($_POST['user_name']) && isset($_POST['user_pass'])) {
include 'query.php';
$userName = $_POST['user_name'];
$password = $_POST['user_pass'];
// check if the user id and password combination exist in database
$sql = "SELECT *
FROM ".$prefix."tx
WHERE user_name = '$userName'
AND user_pass = '$password'";
$result = mysql_query($sql)
or die('Query failed. ' . mysql_error());
if (mysql_num_rows($result) != 0) {
while ($riga = mysql_fetch_array($result)) {
$nome = $riga[nome];
$id_tx = $riga[id];
}
// the user id and password match,
// set the session
$_SESSION['db_is_logged_in'] = true;
$_SESSION['nome'] = $nome;
$_SESSION['username'] = $userName;
$_SESSION['id_tx'] = $id_tx;
// after login we move to the main page
$pag_precedente = "modifica_tx.php";
include "redir_neutro.php";
//header('Location: '.$pagina);
exit;
//echo " Pagina: ".$pagina;
//echo " Utente: ".$_SESSION['username'];
//echo " ID: ".$_SESSION['id_tx'];
} else {
$errorMessage = 'Spiacente, i dati non sono corretti';
echo "