login,php

1. <?php
2. session_start();
3. require("mainconfig.php");
4. $msg_type = "nothing";
5.  
6. if (isset($_SESSION['user'])) {
7. $sess_username = $_SESSION['user']['username'];
8. $check_user = mysqli_query($db, "SELECT * FROM users WHERE username = '$sess_username'");
9. $data_user = mysqli_fetch_assoc($check_user);
10. if (mysqli_num_rows($check_user) == 0) {
11. header("Location: ".$cfg_baseurl."logout.php");
12. } else if ($data_user['status'] == "Suspended") {
13. header("Location: ".$cfg_baseurl."logout.php");
14. }
15.  
16. $check_order = mysqli_query($db, "SELECT SUM(price) AS total FROM orders WHERE user = '$sess_username'");
17. $data_order = mysqli_fetch_assoc($check_order);
18. $check_order2 = mysqli_query($db, "SELECT SUM(price) AS total FROM orders_pulsa WHERE user = '$sess_username'");
19. $data_order2 = mysqli_fetch_assoc($check_order2);
20. $count_users = mysqli_num_rows(mysqli_query($db, "SELECT * FROM users"));
21. } else {
22. if (isset($_POST['login'])) {
23. $post_username = mysqli_real_escape_string($db, trim($_POST['username']));
24. $post_password = mysqli_real_escape_string($db, trim($_POST['password']));
25. if (empty($post_username) || empty($post_password)) {
26. $msg_type = "error";
27. $msg_content = "<b>Gagal:</b> Mohon mengisi semua input.";
28. } else {
29. $check_user = mysqli_query($db, "SELECT * FROM users WHERE username = '$post_username'");
30. if (mysqli_num_rows($check_user) == 0) {
31. $msg_type = "error";
32. $msg_content = "<b>Gagal:</b> Username atau password salah.";
33. } else {
34. $data_user = mysqli_fetch_assoc($check_user);
35. if ($post_password <> $data_user['password']) {
36. $msg_type = "error";
37. $msg_content = "<b>Gagal:</b> Username atau password salah.";
38. } else if ($data_user['status'] == "Suspended") {
39. $msg_type = "error";
40. $msg_content = "<b>Gagal:</b> Akun nonaktif.";
41. } else {
42. $_SESSION['user'] = $data_user;
43. header("Location: ".$cfg_baseurl);
44. }
45. }
46. }
47. }
48. }
49.  
50. include("lib/header.php");
51. if (isset($_SESSION['user'])) {
52. ?>
53. <?php
54. } else {
55. ?>
56. <center><img src="https://pbs.twimg.com/media/DdVCaNBUwAA-1yl.jpg" alt="Marhaban Ya Ramadhan" width="325px" height="325px"></img></center><br>
57. <div class="row">
58. <div class="col-md-offset-2 col-md-8">
59. <div class="panel panel-default">
60. <div class="panel-heading">
61. <h3 class="panel-title"><i class="fa fa-user"></i> Masuk</h3>
62. </div>
63. <div class="panel-body">
64. <?php
65. if ($msg_type == "error") {
66. ?>
67. <div class="alert alert-danger">
68. <a href="#" class="close" data-dismiss="alert" aria-label="close">×</a>
69. <i class="fa fa-times-circle"></i>
70. <?php echo $msg_content; ?>
71. </div>
72. <?php
73. }
74. ?>
75. <form class="form-horizontal" role="form" method="POST">
76. <div class="form-group">
77. <label class="col-md-2 control-label">Username</label>
78. <div class="col-md-10">
79. <input type="text" name="username" class="form-control" placeholder="Username">
80. </div>
81. </div>
82. <div class="form-group">
83. <label class="col-md-2 control-label">Password</label>
84. <div class="col-md-10">
85. <input type="password" name="password" class="form-control" placeholder="Password">
86. </div>
87. </div>
88. <div class="form-group">
89. <div class="box-footer">
90. <a href="http://line.me/ti/p/%40cqc5545f" class="btn btn-info"><i class="fa fa-user-plus"></i> Daftar</a>
91. <button type="submit" class="btn btn-success pull-right" name="login" value="1"><i class="fa fa-send"></i> Masuk</button>
92. </div>
93. </div>
94. </form>
95. </div>
96.  
97. </div>
98. </div>
99. <!-- end row -->
100.  
101. <?php
102. }
103. include("lib/footer.php");
104. ?>