Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- // define the mysql settings
- define("DB_SERVER", "localhost");
- define("DB_USERNAME","username");
- define("DB_PASSWORD", "password");
- define("DB_NAME", "database");
- // setting MySQL table and configuration
- $connection = mysqli_connect(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME) or die ("Cannot connect");
- // read input from user
- $username = $_POST["username"];
- $password = $_POST["password"];
- if(isset($_POST["login"])) {
- if (empty($_POST["username"]) || empty($_POST["password"])) {
- echo "Fill the username and the password text field";
- } else {
- // protect from SQL Injection
- $username = stripslashes($username);
- $password = stripslashes($password);
- $username = mysqli_real_escape_string($connection, $username);
- $password = mysqli_real_escape_string($connection, $password);
- $password = md5($password);
- // execute the query
- $query = "select * from account where username = '$username' and password = '$password'";
- $result = mysqli_query($connection, $query) or die (mysql_error());
- $row = mysqli_fetch_array($result, MYSQLI_ASSOC);
- if (mysqli_num_rows($result) == 1) {
- if ($row["username"] == $username && $row["password"] == $password) {
- echo "LOGIN SUKSES";
- }
- } else {
- echo "LOGIN GAGAL";
- }
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
