I'm a newbie, and I am on stage for php programmer, today I receveid a simple problem, but I can't recognize where is the problem. I have an index, that call an operation file.
<?
session_destroy();
if(isset($_POST['Login']) && $_POST['Login'] == "Invio") {
//include("Config.php");
echo "Loggato";
include("Lib/Config_new.php");
# Controllo Loggatura
$Loggatura = new Operatori();
$Loggatura->Login();
# Fine controllo Loggatura
echo $_SESSION['IdOperatore'];
$JavaCode="";
if(isset($Loggatura->Errore) && !empty($Loggatura->Errore))
$JavaCode = "alert('".$Loggatura->Errore."');";
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<html>
<head>
<title>Login - Intranet</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style lang="it" type="text/css">
body {
overflow: hidden;
width:80%;
height: 80%;
}
#DivImg {
position: absolute;
top: 50%;
margin-top: -168px;
left: 50%;
margin-left: -263px;
font-family: Arial;
font-size: 12px;
background-image: url(Img/Login.jpg);
background-repeat: no-repeat;
height:335px;
width: 525px;
}
#DivFrm {
position: absolute;
top: 100px;
width: 400px;
left: 30px;
}
input.text {
border: 1px solid #000000;
font-family: Arial;
font-size: 12px;
}
#Layer1 {
position:absolute;
left:278px;
top:303px;
width:374px;
height:20px;
z-index:1;
}
.style1 {font-size: 12px}
.PatCar {font-size: 10px}
</style>
<script language="JavaScript" type="text/JavaScript">
<?
echo $JavaCode;
?>
function ControllaForm() {
Passwd = document.getElementById('FrmNewPswd');
RetypePasswd = document.getElementById('FrmRptPswd');
UserName = document.getElementById('FrmLogin');
PasswdOld = document.getElementById('FrmPswd');
Errore = true;
if(UserName = "" || UserName == " "){
TxtErrore = "UserName non inserito!";
Errore = false;
}
if(PasswdOld == "" || PasswdOld == " "){
TxtErrore = "Vecchia password non inserita!";
Errore = false;
}
if(Passwd == "" || Passwd == " "){
TxtErrore = "Non consentite password vuote! Reinserire la password";
Errore = false;
}
if (Passwd != RetypePasswd) {
TxtErrore = "Riscrivere la Password. Form non coerente!";
Errore = false;
}
if(Errore == false) {
alert (TxtErrore);
}
return Errore;
}
function Carica(){
<!-- // (c) br1 - 2002
//location.href="Messaggio.php";
window.open('Messaggio.php','', 'scrollbars=yes,height=500,width=800');
//alert ("Prova");
//-->
//newwindow=window.open("NuoveUtenze.php","width=470","height=62")
//newwindow.creator=self -- +'&Profilo='+document.getElementById('TxtProfilo').value
}
</script>
</head>
<body >
<? echo $_SERVER["HTTP_X_FORWARDED_FOR"] ; ?>
<div id="DivImg">
<div id="DivFrm">
<form id="FrmInvioLogin" name="FrmInvioLogin" action="Index_new.php" method="POST" onsubmit="<? if($Loggatura->Errore ) echo "return ControlloForm();" ?>" >
<table cellpadding="0px" cellspacing="0px" width="80%">
<tr>
<td>UserName</td>
<td><input name="FrmLogin" id="FrmLogin" type="text" size="30" maxlength="30" class="text" /></td>
</tr>
<tr>
<td>Password</td>
<td><input name="FrmPswd" id="FrmPswd" type="password" size="30" maxlength="30" class="text" /></td>
</tr>
<tr><td> </td><td> </td></tr>
<?
# Cambio Password per errore COD002
if($Loggatura->Errore==COD002) {
echo "<tr>
<td>Nuova Password</td>
<td><input name=\"FrmNewPswd\" id=\"FrmNewPswd\" type=\"password\" size=\"30\" maxlength=\"30\" class=\"text\" /></td>
</tr>
<tr>
<td>Ripeti Password</td>
<td><input name=\"FrmRptPswd\" id=\"FrmRptPswd\" type=\"password\" size=\"30\" maxlength=\"30\" class=\"text\" /></td>
</tr>
<tr><td> </td><td> </td></tr>
<tr><td colspan=\"2\"><span class=\"PatCar\">Inserire la password con almeno 8 caratteri. Deve essere presente almeno un numero ed uno dei seguenti caratteri: $ % & . , ! - _ @</span></td></tr>
<tr><td colspan=\"2\"><span class=\"PatCar\">Non si puo' usare il proprio nominativo o ripetere la password precedente</span></td></tr>";
}
?>
<tr>
<td></td>
<td>
<input name="Login" id="Login" type="hidden" value="Invio" />
<br /><input type="image" src="Img/BtnLogin.gif" border="0" onclick="document.FrmInvioLogin.submit()" /> </td>
</tr>
</table>
</form>
</div>
</div>
</body>
</html>
than the operation file function Login() {
$Login = new SQL();
$SessionOp = new Session();
$ControlloOp = new DateOp();
$InsNewPsw=0;
# Cambio Password
if(isset($_POST['FrmNewPswd'])) {
$InsNewPsw=1;
$Change = new Pswd();
$CambioPswd = $Change->ChangePswd();
if(!$CambioPswd) {
$this->Errore = COD009;
$this->OpDB->Registra(COD009, "Login");
$Login->Clear();
return;
/*exit;*/
}
# Se cambio password a buon fine allora rilogga con nuova password.
else {
$_POST['FrmPswd'] = $_POST['FrmNewPswd'];
}
}
# Operazioni di Login
# Controllo presenza login
if(isset($_POST['FrmLogin']) && !empty($_POST['FrmLogin'])) {
# Controllo presenza password
//echo $_POST['FrmPswd'];
if(isset($_POST['FrmPswd']) && !empty($_POST['FrmPswd'])) {
# Query di verifica per la corrispondenza password login
$StrControllo = "SELECT
IdOperatore, Password, IdStato,
DATEDIFF(Month, LastLogin, { fn NOW()}) as DeltaLogin,
DATEDIFF(Month, LastChange, { fn NOW()}) as DeltaChange
FROM
Operatori
WHERE
Login = '".$Login->ParseStringa($_POST['FrmLogin'])."'";
$RsLogin = $Login->Query($StrControllo);
$this->OpDB->Registra($Login->Errore, "Login");
# Controllo presenza coerenza
if(isset($RsLogin['Password']) && $RsLogin['Password'] == $_POST['FrmPswd']) {
# Controllo validità Login
if(!$ControlloOp->ControlloLogin($RsLogin['DeltaLogin'], $RsLogin['IdOperatore'])) {
echo 'ERRORE';
$this->Errore = COD001;
$this->OpDB->Registra(COD001, "Login");
}
# Controllo validità Password
if(!$ControlloOp->ControlloPswd($RsLogin['DeltaChange'], $RsLogin['IdOperatore'])) {
$this->Errore = COD002;
$this->OpDB->Registra(COD002, "Login");
//exit;
}
if($RsLogin['IdStato'] == 3){
$this->Errore = COD008;
$this->OpDB->Registra(COD008, "Login");
}
# Partenza sezzione e Login
if(!isset($this->Errore) || empty($this->Errore)) {
$this->RecuperaOp($RsLogin['IdOperatore']);
# Assegnazione di un gruppo di lavoro per l'operatore (prende solo il MASTER)
$GruppoLavorazione = $this->GruppiLavorazione($RsLogin['IdOperatore']);
$SessionOp->StartSession($this->RsOperatore, $GruppoLavorazione);
}
}
# Password Errata
else {
$this->Errore = COD007;
$this->OpDB->Registra(COD007, "Login");
}
}
# Password non digitata
else {
$this->Errore = COD003;
$this->OpDB->Registra(COD003, "Login");
}
}
# UserName non digitato
else {
$this->Errore = COD004;
$this->OpDB->Registra(COD004, "Login");
}
if ($InsNewPsw==1 && $this->Errore!="") {
$this->Errore = COD010;
$this->OpDB->Registra(COD010, "Login");
}
$Login->Clear();
}
..............
function ChangePswd() {
$ObjSql = new SQL();
# Selezione della vecchia password
$qStrPasswd = "SELECT Nome, Password, IdOperatore FROM Operatori WHERE Login = '".$_POST['FrmLogin']."'";
$RsPasswd = $ObjSql->Query($qStrPasswd);
if (strlen($_POST['FrmNewPswd'])>=8 && $_POST['FrmNewPswd']!=$_POST['FrmPswd']) {
$Parola=split(" ",$RsPasswd['Nome']);
$ContrA=(strpos(strtoupper($_POST['FrmNewPswd']), strtoupper( $Parola[0])));
$ContrB=(strpos(strtoupper($_POST['FrmNewPswd']), strtoupper( $Parola[1])));
if(preg_match("([0-9]{1})",$_POST['FrmNewPswd'])) {
if(strpos($_POST['FrmNewPswd'], ".") || strpos($_POST['FrmNewPswd'], "!") || strpos($_POST['FrmNewPswd'], "$") || strpos($_POST['FrmNewPswd'], "%") || strpos($_POST['FrmNewPswd'], "&") || strpos($_POST['FrmNewPswd'], "-") || strpos($_POST['FrmNewPswd'], ",") || strpos($_POST['FrmNewPswd'], "_") || strpos($_POST['FrmNewPswd'], "@")) {
if (!is_int($ContrA)) {
if (!is_int($ContrB)) {
if($_POST['FrmPswd'] == $RsPasswd['Password']){
# Update vecchia password
$qUpd = "UPDATE Operatori
SET
Password = '".$ObjSql->ParseStringa($_POST['FrmNewPswd'])."', LastChange= getdate()
WHERE
IdOperatore = ".$RsPasswd['IdOperatore'];
$ObjSql->Query($qUpd);
/*$this->OpDB->Registra($ObjSql->Errore);*/
return false;
}
# Fallimento Cambio Password per login errata
else {
return true;
}
}
}
}
}
}
}
than I have a file with all the code you can see in the second part define("COD001", "Login Scaduta");
define("COD002", "Password Scaduta");
define("COD003", "Password non digitata");
define("COD004", "UserName non digitato");
define("COD005", "Sessione scaduta o Login non valido");
define("COD006", "Cambio Password Fallito per Login Errata");
define("COD007", "Password Sbagliata");
define("COD008", "Utenza Cessata");
define("COD009", "Cambio Password Fallito: non conforme ai Requisiti Minimi");
define("COD010", "Cambio Password Fallito: Dati di Login Errati");
define("COD011", "Cambio Password avvenuto correttamente");
I always have COD009, in fact in the second box there is the condition: if(!$CambioPswd) {
$this->Errore = COD009;
$this->OpDB->Registra(COD009, "Login");
$Login->Clear();
return;
but when all the parameters are correct I want to display COD011 and I don't know how write this kind of code, is just a visual problem, because the code is working right and write correct into the db. everything I do in the form new password I always have COD009
Thank for your time