149 lines
4.7 KiB
PHP
149 lines
4.7 KiB
PHP
<?php
|
|
/**
|
|
* Pagina di Login
|
|
*
|
|
* Permette agli utenti di accedere alla piattaforma
|
|
*/
|
|
|
|
require_once 'includes/config.php';
|
|
require_once 'includes/functions.php';
|
|
|
|
session_start();
|
|
|
|
// Se l'utente è già loggato, reindirizza
|
|
if (is_logged_in()) {
|
|
if (is_admin()) {
|
|
header('Location: admin/dashboard.php');
|
|
} else {
|
|
header('Location: user/dashboard.php');
|
|
}
|
|
exit;
|
|
}
|
|
|
|
// Variabili per il form
|
|
$email = '';
|
|
$error = '';
|
|
|
|
// Processa il form se inviato
|
|
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
|
$email = sanitize_input($_POST['email'] ?? '');
|
|
$password = $_POST['password'] ?? '';
|
|
|
|
// Validazione
|
|
if (empty($email) || empty($password)) {
|
|
$error = 'Inserisci email e password';
|
|
} elseif (!validate_email($email)) {
|
|
$error = 'Email non valida';
|
|
} else {
|
|
// Cerca l'utente nel database
|
|
$user = get_user_by_email($email);
|
|
|
|
if ($user && verify_password($password, $user['password'])) {
|
|
// Password corretta - effettua il login
|
|
|
|
// Aggiorna data ultimo accesso
|
|
$pdo = get_db_connection();
|
|
$stmt = $pdo->prepare("UPDATE users SET last_login = NOW() WHERE id = ?");
|
|
$stmt->execute([$user['id']]);
|
|
|
|
// Log attività
|
|
$stmt = $pdo->prepare("
|
|
INSERT INTO activity_log (user_id, action, description, ip_address, user_agent, created_at)
|
|
VALUES (?, 'login', 'Utente ha effettuato il login', ?, ?, NOW())
|
|
");
|
|
$stmt->execute([
|
|
$user['id'],
|
|
$_SERVER['REMOTE_ADDR'] ?? null,
|
|
$_SERVER['HTTP_USER_AGENT'] ?? null
|
|
]);
|
|
|
|
// Imposta la sessione
|
|
login_user($user['id'], $user['is_admin']);
|
|
|
|
// Reindirizza alla pagina appropriata
|
|
if (isset($_SESSION['redirect_after_login'])) {
|
|
$redirect = $_SESSION['redirect_after_login'];
|
|
unset($_SESSION['redirect_after_login']);
|
|
header("Location: $redirect");
|
|
} elseif ($user['is_admin']) {
|
|
header('Location: admin/dashboard.php');
|
|
} else {
|
|
header('Location: user/dashboard.php');
|
|
}
|
|
exit;
|
|
|
|
} else {
|
|
$error = 'Email o password non corretti';
|
|
}
|
|
}
|
|
}
|
|
?>
|
|
<!DOCTYPE html>
|
|
<html lang="it">
|
|
<head>
|
|
<meta charset="UTF-8">
|
|
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
|
<title>Login - Pilates Platform</title>
|
|
<link rel="stylesheet" href="assets/css/style.css">
|
|
</head>
|
|
<body>
|
|
<div class="container-sm" style="padding-top: 3rem;">
|
|
<div class="card">
|
|
<div class="text-center mb-3">
|
|
<h1 class="logo">Pilates Studio</h1>
|
|
</div>
|
|
|
|
<h2 class="card-header text-center">Accedi al tuo account</h2>
|
|
|
|
<?php if ($error): ?>
|
|
<div class="alert alert-error">
|
|
<?php echo htmlspecialchars($error); ?>
|
|
</div>
|
|
<?php endif; ?>
|
|
|
|
<form method="POST" action="">
|
|
<div class="form-group">
|
|
<label for="email" class="form-label">Email</label>
|
|
<input
|
|
type="email"
|
|
id="email"
|
|
name="email"
|
|
class="form-control"
|
|
value="<?php echo htmlspecialchars($email); ?>"
|
|
required
|
|
autofocus
|
|
>
|
|
</div>
|
|
|
|
<div class="form-group">
|
|
<label for="password" class="form-label">Password</label>
|
|
<input
|
|
type="password"
|
|
id="password"
|
|
name="password"
|
|
class="form-control"
|
|
required
|
|
>
|
|
</div>
|
|
|
|
<button type="submit" class="btn btn-primary btn-large" style="width: 100%;">
|
|
Accedi
|
|
</button>
|
|
</form>
|
|
|
|
<div class="text-center mt-2">
|
|
<p class="text-muted">
|
|
<a href="forgot_password.php">Hai dimenticato la password?</a>
|
|
</p>
|
|
<p class="text-muted">
|
|
Non hai un account? <a href="register.php"><strong>Registrati</strong></a>
|
|
</p>
|
|
<p class="mt-2">
|
|
<a href="index.php">← Torna alla home</a>
|
|
</p>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
</body>
|
|
</html>
|