if(isset($_POST['txtUser'])) { $id_user = $_POST['txtUser']; };
if(isset($_POST['txtPass'])) { $id_pass = $_POST['txtPass']; };
if(isset($_GET['mess'])) { $mess = $_GET['mess']; };
if ($mess == "err") {$mess = "Login non valido!!!";};
if ($_POST['Submit'] == "Entra") {
include_once 'parametri.inc.php';
// connessione al DB
$conn = mysql_connect( $db_host, $db_user, $db_pass) or die("Impossibile connettersi al server MYSQL");
// selezione del DB
mysql_select_db( $db_name, $conn) or die ("Impossibile selezionare il database $db_name.");
$strSQL = "SELECT * FROM operatori WHERE nrbadge = '" . $_POST['txtUser'] . "' AND password = '" . $_POST['txtPass'] . "'";
$rsDesc = mysql_query($strSQL,$conn) or die ("Impossibile eseguire il comando SQL1.");
$dsDesc = mysql_fetch_row($rsDesc);
$xxUtente = $dsDesc[2];
$xxPassword = $dsDesc[3];
$xxTipo = $dsDesc[5];
//if ($id_user == "$xxUtente" AND $id_pass == "$xxPassword") {
if ($dsDesc[0] > 0) {
//session_name("artesegno");
$_SESSION['openome'] = $dsDesc[1] . " " . $dsDesc[2];
$_SESSION['opeid'] = $dsDesc[0];
if ($_POST['dotty'] == 1) {$_SESSION['touch'] = 1;} else {$_SESSION['touch'] = 0;}
$xLink = "operatoriute.php";
echo "";
} else {
echo "";
};
};
?>