Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- if (isset($_POST['login'])) {
- $username = filter_input(INPUT_POST,'username',FILTER_SANITIZE_STRING);
- $password = filter_input(INPUT_POST,'password',FILTER_SANITIZE_STRING);
- if (empty($username) || empty($password)) {
- echo "filed tidak boleh kosong";
- exit();
- }
- $query = "SELECT * FROM users WHERE username=:username";
- $query_params = array(
- ":username" => $username
- );
- try {
- $stmt = $db->prepare($query);
- $result = $stmt->execute($query_params);
- }
- catch (PDOException $error) {
- die("error value $error->getmessege");
- }
- $row = $stmt->fetch();
- $login_ok = false;
- if ($row) {
- $checkpassword = hash('sha256', $password . $row['salt']);
- for ($round=0; $round < 65536 ; $round++) {
- $checkpassword = hash('sha256',$checkpassword . $row['salt']);
- }
- if ($checkpassword === $row['password']) {
- $login_ok = true;
- }
- }
- if ($login_ok) {
- unset($row['password']);
- unset($row['salt']);
- $_SESSION['user'] = $row['username'];
- header("Location:../home");
- }
- else{
- echo " login gagal ";
- die();
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
