chinoknot Posted October 1, 2015 Share Posted October 1, 2015 (edited) I'm a newbie, and I am on stage for php programmer, today I receveid a simple problem, but I can't recognize where is the problem.I have an index, that call an operation file. <? session_destroy(); if(isset($_POST['Login']) && $_POST['Login'] == "Invio") { //include("Config.php"); echo "Loggato"; include("Lib/Config_new.php"); # Controllo Loggatura $Loggatura = new Operatori(); $Loggatura->Login(); # Fine controllo Loggatura echo $_SESSION['IdOperatore']; $JavaCode=""; if(isset($Loggatura->Errore) && !empty($Loggatura->Errore)) $JavaCode = "alert('".$Loggatura->Errore."');"; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <html> <head> <title>Login - Intranet</title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <style lang="it" type="text/css"> body { overflow: hidden; width:80%; height: 80%; } #DivImg { position: absolute; top: 50%; margin-top: -168px; left: 50%; margin-left: -263px; font-family: Arial; font-size: 12px; background-image: url(Img/Login.jpg); background-repeat: no-repeat; height:335px; width: 525px; } #DivFrm { position: absolute; top: 100px; width: 400px; left: 30px; } input.text { border: 1px solid #000000; font-family: Arial; font-size: 12px; } #Layer1 { position:absolute; left:278px; top:303px; width:374px; height:20px; z-index:1; } .style1 {font-size: 12px} .PatCar {font-size: 10px} </style> <script language="JavaScript" type="text/JavaScript"> <? echo $JavaCode; ?> function ControllaForm() { Passwd = document.getElementById('FrmNewPswd'); RetypePasswd = document.getElementById('FrmRptPswd'); UserName = document.getElementById('FrmLogin'); PasswdOld = document.getElementById('FrmPswd'); Errore = true; if(UserName = "" || UserName == " "){ TxtErrore = "UserName non inserito!"; Errore = false; } if(PasswdOld == "" || PasswdOld == " "){ TxtErrore = "Vecchia password non inserita!"; Errore = false; } if(Passwd == "" || Passwd == " "){ TxtErrore = "Non consentite password vuote! Reinserire la password"; Errore = false; } if (Passwd != RetypePasswd) { TxtErrore = "Riscrivere la Password. Form non coerente!"; Errore = false; } if(Errore == false) { alert (TxtErrore); } return Errore; } function Carica(){ <!-- // (c) br1 - 2002 //location.href="Messaggio.php"; window.open('Messaggio.php','', 'scrollbars=yes,height=500,width=800'); //alert ("Prova"); //--> //newwindow=window.open("NuoveUtenze.php","width=470","height=62") //newwindow.creator=self -- +'&Profilo='+document.getElementById('TxtProfilo').value } </script> </head> <body > <? echo $_SERVER["HTTP_X_FORWARDED_FOR"] ; ?> <div id="DivImg"> <div id="DivFrm"> <form id="FrmInvioLogin" name="FrmInvioLogin" action="Index_new.php" method="POST" onsubmit="<? if($Loggatura->Errore ) echo "return ControlloForm();" ?>" > <table cellpadding="0px" cellspacing="0px" width="80%"> <tr> <td>UserName</td> <td><input name="FrmLogin" id="FrmLogin" type="text" size="30" maxlength="30" class="text" /></td> </tr> <tr> <td>Password</td> <td><input name="FrmPswd" id="FrmPswd" type="password" size="30" maxlength="30" class="text" /></td> </tr> <tr><td> </td><td> </td></tr> <? # Cambio Password per errore COD002 if($Loggatura->Errore==COD002) { echo "<tr> <td>Nuova Password</td> <td><input name=\"FrmNewPswd\" id=\"FrmNewPswd\" type=\"password\" size=\"30\" maxlength=\"30\" class=\"text\" /></td> </tr> <tr> <td>Ripeti Password</td> <td><input name=\"FrmRptPswd\" id=\"FrmRptPswd\" type=\"password\" size=\"30\" maxlength=\"30\" class=\"text\" /></td> </tr> <tr><td> </td><td> </td></tr> <tr><td colspan=\"2\"><span class=\"PatCar\">Inserire la password con almeno 8 caratteri. Deve essere presente almeno un numero ed uno dei seguenti caratteri: $ % & . , ! - _ @</span></td></tr> <tr><td colspan=\"2\"><span class=\"PatCar\">Non si puo' usare il proprio nominativo o ripetere la password precedente</span></td></tr>"; } ?> <tr> <td></td> <td> <input name="Login" id="Login" type="hidden" value="Invio" /> <br /><input type="image" src="Img/BtnLogin.gif" border="0" onclick="document.FrmInvioLogin.submit()" /> </td> </tr> </table> </form> </div> </div> </body> </html> than the operation filefunction Login() { $Login = new SQL(); $SessionOp = new Session(); $ControlloOp = new DateOp(); $InsNewPsw=0; # Cambio Password if(isset($_POST['FrmNewPswd'])) { $InsNewPsw=1; $Change = new Pswd(); $CambioPswd = $Change->ChangePswd(); if(!$CambioPswd) { $this->Errore = COD009; $this->OpDB->Registra(COD009, "Login"); $Login->Clear(); return; /*exit;*/ } # Se cambio password a buon fine allora rilogga con nuova password. else { $_POST['FrmPswd'] = $_POST['FrmNewPswd']; } } # Operazioni di Login # Controllo presenza login if(isset($_POST['FrmLogin']) && !empty($_POST['FrmLogin'])) { # Controllo presenza password //echo $_POST['FrmPswd']; if(isset($_POST['FrmPswd']) && !empty($_POST['FrmPswd'])) { # Query di verifica per la corrispondenza password login $StrControllo = "SELECT IdOperatore, Password, IdStato, DATEDIFF(Month, LastLogin, { fn NOW()}) as DeltaLogin, DATEDIFF(Month, LastChange, { fn NOW()}) as DeltaChange FROM Operatori WHERE Login = '".$Login->ParseStringa($_POST['FrmLogin'])."'"; $RsLogin = $Login->Query($StrControllo); $this->OpDB->Registra($Login->Errore, "Login"); # Controllo presenza coerenza if(isset($RsLogin['Password']) && $RsLogin['Password'] == $_POST['FrmPswd']) { # Controllo validità Login if(!$ControlloOp->ControlloLogin($RsLogin['DeltaLogin'], $RsLogin['IdOperatore'])) { echo 'ERRORE'; $this->Errore = COD001; $this->OpDB->Registra(COD001, "Login"); } # Controllo validità Password if(!$ControlloOp->ControlloPswd($RsLogin['DeltaChange'], $RsLogin['IdOperatore'])) { $this->Errore = COD002; $this->OpDB->Registra(COD002, "Login"); //exit; } if($RsLogin['IdStato'] == 3){ $this->Errore = COD008; $this->OpDB->Registra(COD008, "Login"); } # Partenza sezzione e Login if(!isset($this->Errore) || empty($this->Errore)) { $this->RecuperaOp($RsLogin['IdOperatore']); # Assegnazione di un gruppo di lavoro per l'operatore (prende solo il MASTER) $GruppoLavorazione = $this->GruppiLavorazione($RsLogin['IdOperatore']); $SessionOp->StartSession($this->RsOperatore, $GruppoLavorazione); } } # Password Errata else { $this->Errore = COD007; $this->OpDB->Registra(COD007, "Login"); } } # Password non digitata else { $this->Errore = COD003; $this->OpDB->Registra(COD003, "Login"); } } # UserName non digitato else { $this->Errore = COD004; $this->OpDB->Registra(COD004, "Login"); } if ($InsNewPsw==1 && $this->Errore!="") { $this->Errore = COD010; $this->OpDB->Registra(COD010, "Login"); } $Login->Clear(); } .............. function ChangePswd() { $ObjSql = new SQL(); # Selezione della vecchia password $qStrPasswd = "SELECT Nome, Password, IdOperatore FROM Operatori WHERE Login = '".$_POST['FrmLogin']."'"; $RsPasswd = $ObjSql->Query($qStrPasswd); if (strlen($_POST['FrmNewPswd'])>=8 && $_POST['FrmNewPswd']!=$_POST['FrmPswd']) { $Parola=split(" ",$RsPasswd['Nome']); $ContrA=(strpos(strtoupper($_POST['FrmNewPswd']), strtoupper( $Parola[0]))); $ContrB=(strpos(strtoupper($_POST['FrmNewPswd']), strtoupper( $Parola[1]))); if(preg_match("([0-9]{1})",$_POST['FrmNewPswd'])) { if(strpos($_POST['FrmNewPswd'], ".") || strpos($_POST['FrmNewPswd'], "!") || strpos($_POST['FrmNewPswd'], "$") || strpos($_POST['FrmNewPswd'], "%") || strpos($_POST['FrmNewPswd'], "&") || strpos($_POST['FrmNewPswd'], "-") || strpos($_POST['FrmNewPswd'], ",") || strpos($_POST['FrmNewPswd'], "_") || strpos($_POST['FrmNewPswd'], "@")) { if (!is_int($ContrA)) { if (!is_int($ContrB)) { if($_POST['FrmPswd'] == $RsPasswd['Password']){ # Update vecchia password $qUpd = "UPDATE Operatori SET Password = '".$ObjSql->ParseStringa($_POST['FrmNewPswd'])."', LastChange= getdate() WHERE IdOperatore = ".$RsPasswd['IdOperatore']; $ObjSql->Query($qUpd); /*$this->OpDB->Registra($ObjSql->Errore);*/ return false; } # Fallimento Cambio Password per login errata else { return true; } } } } } } } than I have a file with all the code you can see in the second partdefine("COD001", "Login Scaduta"); define("COD002", "Password Scaduta"); define("COD003", "Password non digitata"); define("COD004", "UserName non digitato"); define("COD005", "Sessione scaduta o Login non valido"); define("COD006", "Cambio Password Fallito per Login Errata"); define("COD007", "Password Sbagliata"); define("COD008", "Utenza Cessata"); define("COD009", "Cambio Password Fallito: non conforme ai Requisiti Minimi"); define("COD010", "Cambio Password Fallito: Dati di Login Errati"); define("COD011", "Cambio Password avvenuto correttamente"); I always have COD009, in fact in the second box there is the condition:if(!$CambioPswd) { $this->Errore = COD009; $this->OpDB->Registra(COD009, "Login"); $Login->Clear(); return; but when all the parameters are correct I want to display COD011 and I don't know how write this kind of code, is just a visual problem, because the code is working right and write correct into the db. everything I do in the form new password I always have COD009 Thank for your time Edited October 1, 2015 by Ch0cu3r Added code tags Quote Link to comment Share on other sites More sharing options...
ginerjm Posted October 1, 2015 Share Posted October 1, 2015 You can't recognize the problem? How about you use a $_SESSION var even tho you never started the session? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.