Implementata logica sessioni

index.php

@@ -1,4 +1,5 @@
 <?php
+session_start();
 include 'db_conf.php';
 
 // Query per ottenere tutti i prodotti
@@ -23,7 +24,12 @@ if ($result === false) {
         <div id="logo" style="font-size: 24px; font-weight: bold;">TechStore</div>
         <div>
             <a href=""><button style="margin-left: 10px; padding: 8px 16px; background-color: #007bff; color: white; border: none; border-radius: 4px; cursor: pointer;">Carrello</button></a>
-            <a href="login.php"><button style="margin-left: 10px; padding: 8px 16px; background-color: #28a745; color: white; border: none; border-radius: 4px; cursor: pointer;">Accesso</button></a>
+            <?php if (isset($_SESSION['user'])): ?>
+                <span style="margin-left: 10px;">Benvenuto, <?php echo htmlspecialchars($_SESSION['user']); ?></span>
+                <a href="logout.php"><button style="margin-left: 10px; padding: 8px 16px; background-color: #dc3545; color: white; border: none; border-radius: 4px; cursor: pointer;">Logout</button></a>
+            <?php else: ?>
+                <a href="login.php"><button style="margin-left: 10px; padding: 8px 16px; background-color: #28a745; color: white; border: none; border-radius: 4px; cursor: pointer;">Accesso</button></a>
+            <?php endif; ?>
         </div>
     </header>
 

login.php

@@ -7,6 +7,43 @@
     <link rel="stylesheet" href="style.css">
 </head>
 <body>
+    <?php
+        session_start();
+        include 'db_conf.php';
+        
+        $error = '';
+        
+        if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+            $email = $_POST['email'];
+            $password = $_POST['password'];
+            
+            $sql = "SELECT Name, Password FROM Users WHERE Email = ?";
+            if ($stmt = $conn->prepare($sql)) {
+                $stmt->bind_param("s", $email);
+                $stmt->execute();
+                $stmt->store_result();
+                
+                if ($stmt->num_rows > 0) {
+                    $stmt->bind_result($name, $hashed_password);
+                    $stmt->fetch();
+                    
+                    if (password_verify($password, $hashed_password)) {
+                        $_SESSION['user'] = $name;
+                        header('Location: index.php');
+                        exit();
+                    } else {
+                        $error = 'Credenziali errate.';
+                    }
+                } else {
+                    $error = 'Credenziali errate.';
+                }
+                
+                $stmt->close();
+            } else {
+                $error = 'Errore nel database.';
+            }
+        }
+    ?>
     <form action="" method="POST">
         <h2>Login</h2>
         <label for="email">Indirizzo e-mail:</label>

logout.php

@@ -0,0 +1,6 @@
+<?php
+session_start();
+session_destroy();
+header('Location: index.php');
+exit();
+?>