diff --git a/.env.example b/.env.example new file mode 100644 index 0000000..dce6e29 --- /dev/null +++ b/.env.example @@ -0,0 +1,4 @@ +DB_HOST=localhost +DB_USERNAME=techstore +DB_PASSWORD=dioporco +DB_DATABASE=TechStore \ No newline at end of file diff --git a/.gitignore b/.gitignore index 4e5364a..7b22a69 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,4 @@ src/img/* !src/img/example/ -!src/img/logo.png \ No newline at end of file +!src/img/logo.png +.env \ No newline at end of file diff --git a/src/db_conf.php b/src/db_conf.php index 2cc2573..961b997 100644 --- a/src/db_conf.php +++ b/src/db_conf.php @@ -1,16 +1,17 @@ connect_error) { - die("Connessione fallita: " . $conn->connect_error); +// Creazione e gestione eccezioni connessione +try{ + $conn = mysqli_connect($host, $username, $password, $database); +} +catch(Exception $e) { + error_log("Errore connessione database: " . $e->getMessage()); + die("Errore di connessione al database. Riprova più tardi."); } // Opzionale: impostare charset diff --git a/src/login.php b/src/login.php index 61b34e2..c314ef5 100644 --- a/src/login.php +++ b/src/login.php @@ -1,3 +1,46 @@ +prepare($sql)) { + $stmt->bind_param("s", $email); + $stmt->execute(); + $stmt->store_result(); + + if ($stmt->num_rows > 0) { + $stmt->bind_result($user_id, $name, $surname, $hashed_password, $role); + $stmt->fetch(); + + if (password_verify($password, $hashed_password)) { + $_SESSION['id'] = $user_id; + $_SESSION['name'] = $name; + $_SESSION['surname'] = $surname; + $_SESSION['role'] = $role; + header('Location: index.php'); + exit(); + } else { + $error = 'Credenziali errate.'; + } + } else { + $error = 'Credenziali errate.'; + } + + $stmt->close(); + } else { + $error = 'Errore nel database.'; + } +} + +$conn->close(); +?> + 
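Review bot: `DB_PASSWORD=dioporco` in the new `.env.example` reads like a working credential rather than a placeholder, and this file is tracked; the `.gitignore` hunk ignores only `.env`. If that value is or was used on any real database it should be rotated. The example should carry an obviously fake value such as `DB_PASSWORD=change-me`. A first line like `# Copy to .env and fill in real values; never commit .env` would document the intended workflow.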
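Review bot: The `catch(Exception $e)` around `mysqli_connect()` in `src/db_conf.php` only runs when mysqli is in exception mode. That is the default from PHP 8.1, but on older versions a failed connect returns `false` with a warning, and the removed `connect_error` check is no longer there to stop the script. The start of this hunk is not legible here, so this may already be handled above. If it is not, add `mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);` before the `try` and catch `mysqli_sql_exception`, so that later code never calls methods on a `false` `$conn`.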
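Review bot: On the success branch after `password_verify()` in `src/login.php`, the session id is not regenerated before `$_SESSION['id']` and `$_SESSION['role']` are written, which leaves the login open to session fixation. Add `session_regenerate_id(true);` as the first statement of that branch. The text before `prepare($sql)` is missing from this view, so confirm that `session_start()` runs before any output now that the block sits at the top of the file. The result of `$stmt->execute()` also appears to be ignored, so a failed query would probably surface as 'Credenziali errate.' rather than 'Errore nel database.'.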
@@ -7,46 +50,6 @@ - prepare($sql)) { - $stmt->bind_param("s", $email); - $stmt->execute(); - $stmt->store_result(); - - if ($stmt->num_rows > 0) { - $stmt->bind_result($user_id, $name, $surname, $hashed_password, $role); - $stmt->fetch(); - - if (password_verify($password, $hashed_password)) { - $_SESSION['id'] = $user_id; - $_SESSION['name'] = $name; - $_SESSION['surname'] = $surname; - $_SESSION['role'] = $role; - header('Location: index.php'); - exit(); - } else { - $error = 'Credenziali errate.'; - } - } else { - $error = 'Credenziali errate.'; - } - - $stmt->close(); - } else { - $error = 'Errore nel database.'; - } - } - ?>

Login