Untitled

<?php

// this script for function login and signup (or maybe member soon)
$action = $_GET['method'];
switch ($action) {

    case 'registering':

    $username  = $_POST['username'];
    $password1 = $_POST['pass1'];
    $password2 = $_POST['pass2'];
    $registered = $_POST['registeted'];
    $lastlogin = $_POST['lastlogin'];

    // cek kesamaan password
    if ($password1 == $password2){
        include('config.php');

        // perlu dibuat sebarang pengacak
        $pengacak  = "NDJS3289JSKS190JISJI";

        // mengenkripsi password dengan md5() dan pengacak
        $password1 = md5($pengacak . md5($password1) . $pengacak);

        // menyimpan username dan password terenkripsi ke database
        $query = "INSERT INTO user VALUES ('', '$username', '$password1', '$registered', '$lastlogin')";
        $hasil = mysql_query($query) or die(mysql_error());

        // menampilkan status pendaftaran
        if ($hasil) echo "User sudah berhasil terdaftar"; else echo "Username sudah ada yang memiliki";

    } else echo "Password yang dimasukkan tidak sama";

    break;

    case 'login':

    // menjalankan session
    session_start();

    include('config.php');
    //=========================================
    $username = $_POST['username'];
    $password = $_POST['pass'];
    $lastlogin = $_POST['lastlogin'];
    //=========================================

    // mencari password terenkripsi berdasarkan username
    $query = "SELECT * FROM user WHERE username = '$username'";
    $hasil = mysql_query($query) or die(mysql_error());
    $data  = mysql_fetch_array($hasil);

    $pengacak  = "NDJS3289JSKS190JISJI";

    // cek kesesuaian password terenkripsi dari form login
    // dengan password terenkripsi dari database
    if (md5($pengacak.md5($password).$pengacak) == $data['password']){

        // jika sesuai, maka jalankan session untuk username
        $_SESSION['username'] = $username;
        $query = "UPDATE `user` SET `lastvisits`=$lastlogin WHERE 1";
        mysql_query($query);

        // menampilkan menu ke halaman akses
        echo "<h2>Login sukses</h2>";
        echo "<p><a href=\"hal1.php\">Menu 1</a> | <a href=\"hal2.php\">Menu 2</a></p>";

    } else echo "<h2>Login Gagal</h2>";

    break;
}
?>


=========

file: index.php

=========

<?php

// this script for function login and signup (or maybe member soon)
$action = $_GET['action'];

switch ($action) {

    case '': ?>
    <html> <head> <title>Welcome to {$app->title}</title> </head><body> <form method="post" action="system/core.php?method=login">  <table border="0">    <tr>      <td>Masukkan Username </td>      <td><input name="username" type="text"></td>    </tr>    <tr>      <td>Masukkan Password </td>      <td><input name="pass" type="password"></td>    </tr>    <tr>      <td>&nbsp;</td>      <td><input type="submit" name="Submit" value="Submit"></td>    </tr>  </table></form></body></html>
    <?php break;

    case 'register':?>
    <html> <head> <title>Registering for {$app->title}</title> </head><body> <form method="post" action="system/core.php?method=registering"><input type="hidden" name="registered" value="<?php $timezone = date_default_timezone_get(); echo date("m/d/Y");?> at <?php echo $timezone; ?>"><input type="hidden" name="lastlogin" value="<?php $timezone = date_default_timezone_get(); echo date("m/d/Y h:i:s a", time()); ?> from <?php echo $timezone; ?>">  <table border="0">    <tr>      <td>Masukkan Username </td>      <td><input name="username" type="text"></td>    </tr>    <tr>      <td>Masukkan Password </td>      <td><input name="pass1" type="password"></td>    </tr>    <tr>      <td>Ulangi Password </td>      <td><input name="pass2" type="password"></td>    </tr>    <tr>      <td>&nbsp;</td>      <td><input type="submit" name="Submit" value="Submit"></td>    </tr>  </table></form></body></html>
    <?php break;

}
?>