Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <!--- ============CONFIG========== -->
- <?php
- define('DBHOST', 'localhost');
- define('DBUSER', 'root');
- define('DBPASS', '');
- define('DBNAME', 'mdcweb');
- /**
- * $dbconnect : koneksi kedatabase
- */
- $dbconnect = new mysqli(DBHOST,DBUSER,DBPASS,DBNAME);
- /**
- * check error yang terjadi saat koneksi
- * jika terdapat error maka die() // stop dan tampilkan error
- */
- if ($dbconnect->connect_error) {
- die('Database Not Connect. Error : ' . $dbconnect->connect_error);
- }
- <!-- code-->
- <?php
- session_start();
- require 'config.php';
- if ( isset($_POST['username']) && isset($_POST['password']) ) {
- $sql_check = "SELECT nama,
- level_user,
- id_user
- FROM users
- WHERE
- username=?
- AND
- password=?
- LIMIT 1";
- $check_log = $dbconnect->prepare($sql_check);
- //$check_log->bind_param('ss', $username, $password);
- //base dari https://stackoverflow.com/questions/15748254/how-to-run-the-bind-param-statement-in-php
- $username = $_POST['username'];
- $password = md5($_POST["password"] );
- $check_log->bind_param('ss', $username, $password);
- if($check_log->execute()){
- //==================
- $check_log->store_result();
- if ( $check_log->num_rows == 1) {
- $check_log->bind_result($nama, $level_user, $id_user);
- while ( $check_log->fetch() ) {
- $_SESSION['user_login'] = $level_user;
- $_SESSION['sess_id'] = $id_user;
- $_SESSION['nama'] = $nama;
- }
- $check_log->close();
- //===========================
- }
- else{
- die('error!!');
- }
- header('location:on-' .$level1_user);
- exit();
- } else {
- header('location: login.php?error=' .base64_encode('Username dan Password Invalid!!!'));
- exit();
- }
- } else {
- header('location:login.php');
- exit();
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement