<?php session_start(); require_once 'config.php'; if(isset($_PO

1. <?php
2.  
3.     session_start();
4.     require_once 'config.php';
5.     if(isset($_POST["submit"])) {
6.         $username = $_POST["username"];
7.         $password = $_POST["password"];
8.         $query = mysqli_query($conn, "SELECT id, password, level, role FROM tbl_users WHERE username = '$username'");
9.         $result = mysqli_fetch_assoc($query);
10.         if(password_verify($password, $result["password"]) && mysqli_affected_rows($conn) > 0) {
11.             $id = $_SESSION["id"] = (int) $result["id"];
12.             $_SESSION["level"] = (int) $result["level"];
13.             $_SESSION["role"] = $result["role"];
14.             mysqli_query($conn, "UPDATE tbl_users SET login = 1 WHERE id = $id");
15.             header("Location: index.php");
16.         } else {
17.             echo "<script>alert('Username dan Password Salah!');</script>";
18.         }
19.     }
20.  
21. ?>